| From: | Rohit Rajput <rht(dot)rajput(at)yahoo(dot)com> |
|---|---|
| To: | Pgsql-admin <pgsql-admin(at)lists(dot)postgresql(dot)org>, Yambu <hyambu(at)gmail(dot)com> |
| Subject: | Re: Create Read only user |
| Date: | 2021-01-22 09:05:13 |
| Message-ID: | 1549478926.1190866.1611306313653@mail.yahoo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
By default, every user has permission to do anything on public schema. Because users are created outside of databases here. If you want to users not to have any permission when those are created, use this:
REVOKE ALL ON SCHEMA public FROM PUBLIC;
and now provide permissions what you want to specific users.
GRANT ALL/SELECT/.... ON SCHEMA public to your_user;
Cheers On Friday, 22 January, 2021, 02:29:31 pm IST, Yambu <hyambu(at)gmail(dot)com> wrote:
Hello
I created a user like this
CREATE USER user1 WITH PASSWORD '<password>';
GRANT CONNECT ON DATABASE db1 TO user1;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO user1;
What amazes me is that when I connect using user1, I'm able to create a table and drop it. How can this be?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | dbatoCloud Solution | 2021-01-22 13:13:36 | max_worker_processer configuration for DWH databases? |
| Previous Message | Yambu | 2021-01-22 08:58:52 | Create Read only user |