The other day I returned idly to thinking about some work I did a few
years ago on creating a totally unprivileged user, i.e. one with not
even public permissions. The work I did then involved hacking the
pg_catalog, information_schema and public schemas and their contents.
Unfortunately, it doesn't survive a dump and restore, so it's really
quite fragile. But it occurred to me that this could be more easily and
robustly accomplished if we create a role attribute of NOPUBLIC or some
such.
Thoughts?
cheers
andrew