On 5/25/22 08:20, Tom Lane wrote:
> Rob Sargent<robjsargent(at)gmail(dot)com> writes:
>> Just wondering if I've bumped into some security issue.
>> I'm somewhat surprised that "grant connect to database <dbname> to
>> <role>" appears to be stored "by name"?
> I think you are forgetting that databases have a default GRANT CONNECT
> TO PUBLIC. You need to revoke that before other grants/revokes will
> have any functional effect.
>
> regards, tom lane
Yes, of course. Thanks