Re: Create Read only user

Is there any weird unexpected downside to revoking perms on PUBLIC from all
my users? It drives me nuts the random stuff that fills this schema up,
even after I got everyone their own shiny personal schema.

On Fri, Jan 22, 2021 at 12:09 PM Holger Jakobs <holger(at)jakobs(dot)com> wrote:

> Yes, the PUBLIC schema is a remnant from times when no schemas were
> used, but all table were created in the database itself. This was the
> case in the early 7.x versions.
>
> There are still some applications around which have no notion of a
> schema. This is especially true for those which are expected work with a
> bunch of very weak database servers, for instance with MySQL.
> MySQL/MariaDB only have schemas and just a single database per server
> instance. They call their schemas databases, though.
>
> If you have an application which is made to run with PostgreSQL, the
> configuration will allow to specify a schema to put the tables into.
>
> Otherwise, you'll have to set up a search path including the schema you
> want the database objects to end up in. You can configure the default
> search path for the application user appropriately using ALTER ROLE.
>
> Hardly any application forces the PUBLIC schema to be around. It's just
> that the PUBLIC schema exists in the template1 database with full access
> to PUBLIC and thus will exist in every database you create, unless you
> remove it (or change the access rights) in the template1 database. And
> the default search path includes PUBLIC.
>
> Actually, this only exists to be compatible with *very* old applications.
>
> Regards,
>
> Holger
>
> --
>
> Holger Jakobs, Bergisch Gladbach, Tel. +49-178-9759012
>
>
>

--
Wells Oliver
wells(dot)oliver(at)gmail(dot)com <wellsoliver(at)gmail(dot)com>