| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Bryn Llewellyn <bryn(at)yugabyte(dot)com> |
| Cc: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, Neeraj M R <neerajmr12219(at)gmail(dot)com>, Tom Lane PostgreSQL <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-general list <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Restricting user to see schema structure |
| Date: | 2022-05-17 14:53:01 |
| Message-ID: | CAKFQuwZrgdPeoneH8j1oHOBDpbWJwz_iB=HeBGXU6M1rcOgnPQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, May 16, 2022 at 10:21 PM Bryn Llewellyn <bryn(at)yugabyte(dot)com> wrote:
>
> Right, I see the importance of this now. I now realize that when a
> database is created, CONNECT on it is automatically granted to PUBLIC. But
> there's no mention of this (or what to read to learn that this is the case)
> in the "pg_hba.conf" chapter. Nor does the section on the CREATE DATABASE
> statement mention this. How is the neophyte supposed to know about this
> behavior?
>
By reading the documentation, specifically the chapter linked before, where
this is discussed.
https://www.postgresql.org/docs/current/ddl-priv.html
Not saying there isn't room for improvement here, I tend to agree that the
SQL Command Reference section should be considered a primary jumping off
point. But the chapter on Data Definition is basically mandatory reading
once a DBA wants to do any non-trivial modifications to their cluster.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dan Lynch | 2022-05-17 15:29:11 | Postgres AST Deparser for Postgres |
| Previous Message | David G. Johnston | 2022-05-17 14:33:14 | Re: Alternative to slow SRF in SELECT? |