Peter Fein wrote: > Hi all- > > Is there any way to disable PUBLIC access by default? When I create You can revoke permissions from the public schema, and you can even delete the public schema entirely. I did the first: revoke create on schema public from public revoke create on tablespace pg_default from public revoke create on tablespace pg_global from public If you do this while connect to template1, then all future databases will have this set up at the time the database is created. > a new object (table, function, etc.), it has no ACL, as expected. > However, the first time I run: > > GRANT ALL ON FUNCTION foo() to GROUP developers; > > Postgress seems to do: > > GRANT ALL ON FUNCTION foo() to PUBLIC; > > I assume this is b/c no ACL is equivalent to PUBLIC access & this > gets included when adding specific privileges. > > I want *no* PUBLIC access to anything by default for security > reasons. Is there a way to prevent this behavior? > > ---------------------------(end of > broadcast)--------------------------- > TIP 4: Have you searched our list archives? > > http://archives.postgresql.org -- Guy Rouillier ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your message can get through to the mailing list cleanly
