Peter Fein wrote:
> Hi all-
>
> Is there any way to disable PUBLIC access by default? When I create
You can revoke permissions from the public schema, and you can even
delete the public schema entirely. I did the first:
revoke create on schema public from public
revoke create on tablespace pg_default from public
revoke create on tablespace pg_global from public
If you do this while connect to template1, then all future databases
will have this set up at the time the database is created.
> a new object (table, function, etc.), it has no ACL, as expected.
> However, the first time I run:
>
> GRANT ALL ON FUNCTION foo() to GROUP developers;
>
> Postgress seems to do:
>
> GRANT ALL ON FUNCTION foo() to PUBLIC;
>
> I assume this is b/c no ACL is equivalent to PUBLIC access & this
> gets included when adding specific privileges.
>
> I want *no* PUBLIC access to anything by default for security
> reasons. Is there a way to prevent this behavior?
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 4: Have you searched our list archives?
>
> http://archives.postgresql.org
--
Guy Rouillier