Rob Sargent <robjsargent@xxxxxxxxx> writes: > Just wondering if I've bumped into some security issue. > I'm somewhat surprised that "grant connect to database <dbname> to > <role>" appears to be stored "by name"? I think you are forgetting that databases have a default GRANT CONNECT TO PUBLIC. You need to revoke that before other grants/revokes will have any functional effect. regards, tom lane
