| From: | "Guy Rouillier" <guyr(at)masergy(dot)com> |
|---|---|
| To: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: No PUBLIC access by default? |
| Date: | 2005-08-11 21:56:08 |
| Message-ID: | CC1CF380F4D70844B01D45982E671B239E8A2D@mtxexch01.add0.masergy.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Peter Fein wrote:
> Hi all-
>
> Is there any way to disable PUBLIC access by default? When I create
You can revoke permissions from the public schema, and you can even
delete the public schema entirely. I did the first:
revoke create on schema public from public
revoke create on tablespace pg_default from public
revoke create on tablespace pg_global from public
If you do this while connect to template1, then all future databases
will have this set up at the time the database is created.
> a new object (table, function, etc.), it has no ACL, as expected.
> However, the first time I run:
>
> GRANT ALL ON FUNCTION foo() to GROUP developers;
>
> Postgress seems to do:
>
> GRANT ALL ON FUNCTION foo() to PUBLIC;
>
> I assume this is b/c no ACL is equivalent to PUBLIC access & this
> gets included when adding specific privileges.
>
> I want *no* PUBLIC access to anything by default for security
> reasons. Is there a way to prevent this behavior?
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 4: Have you searched our list archives?
>
> http://archives.postgresql.org
--
Guy Rouillier
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christian Goetze | 2005-08-11 21:59:17 | Re: Upgrading 7.3.9 -> 7.4.8 - trouble with blobs |
| Previous Message | Tom Lane | 2005-08-11 21:52:05 | Re: Upgrading 7.3.9 -> 7.4.8 - trouble with blobs |