By default, every user has permission to do anything on public schema. Because users are created outside of databases here. If you want to users not to have any permission when those are created, use this:
REVOKE ALL ON SCHEMA public FROM PUBLIC;
and now provide permissions what you want to specific users.
GRANT ALL/SELECT/.... ON SCHEMA public to your_user;
Cheers
On Friday, 22 January, 2021, 02:29:31 pm IST, Yambu <hyambu@xxxxxxxxx> wrote:
Hello
I created a user like this
CREATE USER user1 WITH PASSWORD '<password>';
GRANT CONNECT ON DATABASE db1 TO user1;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO user1;
What amazes me is that when I connect using user1, I'm able to create a table and drop it. How can this be?
GRANT CONNECT ON DATABASE db1 TO user1;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO user1;
What amazes me is that when I connect using user1, I'm able to create a table and drop it. How can this be?
