Re: Permissions for Newly Created User

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: sreekanta reddy <sreekantareddy18(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Permissions for Newly Created User
Date: 2024-10-18 16:14:32
Message-ID: 671802a8-95b0-4af1-ad43-2e131057a89a@aklaver.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 10/18/24 03:11, sreekanta reddy wrote:
>
> Dear PostgreSQL Support Team,
>
> I would also like to suggest an enhancement to the default behavior for
> newly created users in PostgreSQL.
>
> *Observed Issue:
> *User Created: testdb
> Command used: CREATE USER testdb WITH PASSWORD 'dhsfjobodjjbsdj';
> After creating the user testdb, I observed that the user could still
> view objects, schemas, and their structures, as well as system tables
> and views, which contradicts the intended restricted permissions.

What restrictions?

The user has what is specified here:

https://www.postgresql.org/docs/current/ddl-priv.html

Pay particular attention to what is granted to the PUBLIC role.

If you want the role to have less privilges that what the defaults are
then you will need to explicitly revoke them.

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Tom Lane 2024-10-18 16:44:26 Re: Permissions for Newly Created User
Previous Message Adrian Klaver 2024-10-18 16:04:18 Re: Backup