Scott Ribe <scott_ribe@xxxxxxxxxxxxxxxx> writes: > On Aug 7, 2020, at 12:27 PM, Adrian Klaver <adrian.klaver@xxxxxxxxxxx> wrote: >> So what privileges does role 'confidential_read_only' have? > read on everything ... including usage on the schema in question? If I'm reading this correctly, you have set things up so that any session logging in as akanzler will immediately do "SET ROLE confidential_read_only", after which it's the privileges of that role not akanzler that determine what happens. regards, tom lane
