public inbox for [email protected]
help / color / mirror / Atom feedFrom: Adrian Klaver <[email protected]>
To: sreekanta reddy <[email protected]>
To: [email protected]
Subject: Re: Permissions for Newly Created User
Date: Fri, 18 Oct 2024 09:14:32 -0700
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAK5dmvD-63hFPBZ+GnuZEO9Knabpw1wnrWnrHuADjWPFF-Pgvw@mail.gmail.com>
References: <CAK5dmvD-63hFPBZ+GnuZEO9Knabpw1wnrWnrHuADjWPFF-Pgvw@mail.gmail.com>
On 10/18/24 03:11, sreekanta reddy wrote:
>
> Dear PostgreSQL Support Team,
>
> I would also like to suggest an enhancement to the default behavior for
> newly created users in PostgreSQL.
>
> *Observed Issue:
> *User Created: testdb
> Command used: CREATE USER testdb WITH PASSWORD 'dhsfjobodjjbsdj';
> After creating the user testdb, I observed that the user could still
> view objects, schemas, and their structures, as well as system tables
> and views, which contradicts the intended restricted permissions.
What restrictions?
The user has what is specified here:
https://www.postgresql.org/docs/current/ddl-priv.html
Pay particular attention to what is granted to the PUBLIC role.
If you want the role to have less privilges that what the defaults are
then you will need to explicitly revoke them.
--
Adrian Klaver
[email protected]
view thread (3+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Permissions for Newly Created User
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox