Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tfNzy-00235B-57
	for pgsql-general@arkaria.postgresql.org; Tue, 04 Feb 2025 18:50:14 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tfNzx-0078pv-5U
	for pgsql-general@arkaria.postgresql.org; Tue, 04 Feb 2025 18:50:13 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <ayushvatsa1810@gmail.com>)
	id 1tfNzw-0078pn-QV
	for pgsql-general@lists.postgresql.org; Tue, 04 Feb 2025 18:50:12 +0000
Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <ayushvatsa1810@gmail.com>)
	id 1tfNzu-003Ano-25
	for pgsql-general@lists.postgresql.org;
	Tue, 04 Feb 2025 18:50:11 +0000
Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-5dcdb56c9d3so80605a12.0
        for <pgsql-general@lists.postgresql.org>; Tue, 04 Feb 2025 10:50:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1738695008; x=1739299808; darn=lists.postgresql.org;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=gGhG6TMdRy0kAMzQfrlOEuHgE3nr2FhVQEAwfzxZOdc=;
        b=lRXQCylAt/2YZAxPYzhsbSnwmqaCj8M0fiUSKlsaZ8plEGzxpx6LufTmVGnriwa/5F
         jWbp0/thHjPW3DsM/NiPDmye6RoJWbLnybcR+/H4O70TcUIzBZ8z85JQa8SdpuHJTbpd
         PfKuk8pfDu3Vh1TJJrjkeqxeFEbRh2k3/+w7EuYbZtvEj2aCuIqdoX0wDJsB666Rg+L/
         qcXaCKYPIvCd5DsmE6ADrROrDL3iJzHL1MHqW0lmUofct2CLvQ9o/A7PxSCKZrEeXz4h
         xNr5zzjoCZ73TxI1nKCDCRb0pplUt1L96wFIw6pcJyfkbTa/zK8/KqjfqZTJLTUp0E04
         09eA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1738695008; x=1739299808;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=gGhG6TMdRy0kAMzQfrlOEuHgE3nr2FhVQEAwfzxZOdc=;
        b=EwNXb3+8vep3hCnrRldwAIoj1veMknrKkxL08H/MhV1sxN3bxmC3HdY8gjmbRoJmGw
         k5YWY8p5WoClEzSv2cMV9Uxj/6C5J7A9kOWy1aFsGHmrcPLtKrBDXucEkpYqkgpKBJ6h
         t8OWcx/dk9vqBg04krtjsJel7BIjUhRgUA6jclRuP621+QYZPH7YQMZZduQgGAsNmWE1
         RDY/zhqaDWqD5jIgZfvdqjWYinYzWaWDhc/BUQMQhO7NjyUDzQmxNBjYHVOBot2GGQsD
         48YVMY+vvpCz+boca5zzHH3KUUkyzkZBtLO3FxEAD7QNZaosP2iBXge9HTsVIeLOz7ay
         lNaA==
X-Gm-Message-State: AOJu0YyxHnrxRVYYGAb/Bu5Sk7mw6J1IaVdcdh+IUt9aRW8/3uMhNlgu
	Y053J9MnsmCaycjsVlym0Gda218tl4qZiVC0nEv7YMGoe3fTRrjSgsgfgaOmxv8y+sv0r2VDaxu
	BxsaKSDgZ/Qks76poZmzDp9clJiHflLnQN3E=
X-Gm-Gg: ASbGncuZdyyx+FbolUNnoH1QKEIE/v1rZe4vDtFtSGQfv93Pq6Pz7GdvQdD0Py2QT7Y
	lqfYXElFFBHKwrzlqm8ZZz0E4Cq2ZzJIfDaKXtcmk3PVqnEkdYzlPBDqk/NxGPVTYjmFPgw==
X-Google-Smtp-Source: AGHT+IFERyQOvq9zx3qWL1zLdmCRcVssFd/SQLZzwcFT0WsW9pnZAMmzeNTFywx/nULWn6V39UAeaYYJ4z/sqxNj6q4=
X-Received: by 2002:a05:6402:234e:b0:5dc:7374:261d with SMTP id
 4fb4d7f45d1cf-5dcdb6f9f81mr330737a12.7.1738695007601; Tue, 04 Feb 2025
 10:50:07 -0800 (PST)
MIME-Version: 1.0
From: Ayush Vatsa <ayushvatsa1810@gmail.com>
Date: Wed, 5 Feb 2025 00:19:56 +0530
X-Gm-Features: AWEUYZnG51BpGDXfR3Dwq9Q_ncVtoKcl6qg6kzl08guye-uD_CZv6K5Z9hc9ovg
Message-ID: <CACX+KaPVTfcmt__Ogwsf7xomtcCABktiA8iSJ+iCxOdbzKNnUA@mail.gmail.com>
Subject: Understanding ALTER DEFAULT PRIVILEGES Behavior in PostgreSQL
To: pgsql-general@lists.postgresql.org
Content-Type: multipart/alternative; boundary="0000000000004d0d63062d557ad7"
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CACX%2BKaPVTfcmt__Ogwsf7xomtcCABktiA8iSJ%2BiCxOdbzKNnUA%40mail.gmail.com>
Precedence: bulk

--0000000000004d0d63062d557ad7
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Hello PostgreSQL Community,

I was experimenting with default privileges in PostgreSQL and came across a
behavior I didn=E2=80=99t
fully understand. I would appreciate any insights on this.

I wanted to ensure that, by default, no roles had EXECUTE privileges on
functions created in my
schema. To achieve this, I ran the following:

postgres=3D# CREATE SCHEMA my_schema;
CREATE SCHEMA

postgres=3D# CREATE ROLE alex LOGIN;
CREATE ROLE

postgres=3D# ALTER DEFAULT PRIVILEGES IN SCHEMA my_schema REVOKE EXECUTE ON
FUNCTIONS FROM PUBLIC;
ALTER DEFAULT PRIVILEGES

postgres=3D# CREATE OR REPLACE FUNCTION my_schema.hello_world()
RETURNS TEXT AS $$
BEGIN
    RETURN 'Hello, World!';
END;
$$ LANGUAGE plpgsql;
CREATE FUNCTION

postgres=3D# GRANT USAGE ON SCHEMA my_schema TO alex;
GRANT

postgres=3D# SET ROLE alex;
SET

postgres=3D> SELECT my_schema.hello_world();
  hello_world
---------------
 Hello, World!
(1 row)

To my surprise, alex was still able to execute the function hello_world,
even though I had
altered the default privileges before creating it. I was expecting the
function to be inaccessible
unless explicitly granted permissions.

Could someone help me understand why this happens? Also, what would be the
best way to
ensure that, by default, no roles (except the function owner) have any
privileges on new
functions created in my protected schema?
I know about REVOKE ALL ON ALL FUNCTIONS IN SCHEMA my_schema FROM public bu=
t
this won't work for the functions created after this revoke statement.

Thanks
Ayush Vatsa

--0000000000004d0d63062d557ad7
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><p>Hello PostgreSQL Community,</p><p>I was experimenting w=
ith default privileges in PostgreSQL and came across a behavior I didn=E2=
=80=99t<br>fully understand. I would appreciate any insights on this.</p><p=
>I wanted to ensure that, by default, no roles had <code>EXECUTE</code> pri=
vileges on functions created in my<br>schema. To achieve this, I ran the fo=
llowing:</p><p>postgres=3D# CREATE SCHEMA my_schema;<br>CREATE SCHEMA<br><b=
r>postgres=3D# CREATE ROLE alex LOGIN;<br>CREATE ROLE<br><br>postgres=3D# A=
LTER DEFAULT PRIVILEGES IN SCHEMA my_schema REVOKE EXECUTE ON FUNCTIONS FRO=
M PUBLIC;<br>ALTER DEFAULT PRIVILEGES<br><br>postgres=3D# CREATE OR REPLACE=
 FUNCTION my_schema.hello_world()<br>RETURNS TEXT AS $$<br>BEGIN<br>=C2=A0 =
=C2=A0 RETURN &#39;Hello, World!&#39;;<br>END;<br>$$ LANGUAGE plpgsql;<br>C=
REATE FUNCTION<br><br>postgres=3D# GRANT USAGE ON SCHEMA my_schema TO alex;=
<br>GRANT<br><br>postgres=3D# SET ROLE alex;<br>SET<br><br>postgres=3D&gt; =
SELECT my_schema.hello_world();<br>=C2=A0 hello_world =C2=A0<br>-----------=
----<br>=C2=A0Hello, World!<br>(1 row)<br><br>To my surprise, <code>alex</c=
ode> was still able to execute the function hello_world, even though I had<=
br>altered the default privileges before creating it. I was expecting the f=
unction to be inaccessible<br>unless explicitly granted permissions.</p><p>=
Could someone help me understand why this happens? Also, what would be the =
best way to<br>ensure that, by default, no roles (except the function owner=
) have any privileges on new<br>functions created in my protected schema?=
=C2=A0<br>I know about REVOKE ALL ON ALL FUNCTIONS IN SCHEMA my_schema FROM=
 public but<br>this won&#39;t work for the functions created after this rev=
oke statement.</p><p>Thanks<br>Ayush Vatsa</p></div>

--0000000000004d0d63062d557ad7--