Re: public schema grants to PUBLIC role
| От | Christoph Moench-Tegeder |
|---|---|
| Тема | Re: public schema grants to PUBLIC role |
| Дата | |
| Msg-id | ZAnEb0jn09gISJaU@squirrel.exwg.net обсуждение исходный текст |
| Ответ на | public schema grants to PUBLIC role (Dominique Devienne <ddevienne@gmail.com>) |
| Список | pgsql-general |
## Dominique Devienne (ddevienne@gmail.com): > Hi. I've recently realized via a post (or article?) from Laurenz that the > PUBLIC role has CREATE privilege on the 'public' schema by default (see > query below). I guess it can't be avoided? You could just use PostgreSQL 15: https://www.postgresql.org/docs/15/release-15.html#id-1.11.6.7.4 > In particular, we need extensions, which are loaded in public by default. > Will USAGE of public be enough for LOGIN users having access to the DB to > use extensions? Plus any grants on the extension's object. > More broadly, we want to secure the DB so that all DB access and schema > access are explicit. > Anything else to be aware of please, beside the two mentioned above? Have a look at default privileges and group roles, that will make your life much easier. https://www.postgresql.org/docs/15/ddl-priv.html Regards, Christoph -- Spare Space.
В списке pgsql-general по дате отправления: