Q about access control and others

Hello everyone!

I have just installed the a/m on my RedHat Linux 5.2 system and is trying out the
security aspects of the program and couldn't quite figure something out.
Maybe someone can help me with my problems? I installed all the postgresql .rpms
files that came with the RHL 5.2 .

Bascially, the question is how can I protect my database. I tried the following :-



1) createdb test
2) createuser user1
3) createuser user2
4) psql -h dbsvr -d test -u

Both user1 and user2 are able to access the db called test. How can I prevent user2
from being able to access the db?

Also, is the files in the template directory which is copied over to the test directory
necessary for operation of every new database that is created?

Last but not least, is there anyway I can list out the database users that have been
created on the system?

Thanks in advance!