Re: AW: [Extern] Re: PG16.1 security breach?

On 6/7/24 06:54, Zwettler Markus (OIZ) wrote:
>> -----Ursprüngliche Nachricht-----
>> Von: Joe Conway <mail@joeconway.com>
>> Gesendet: Freitag, 7. Juni 2024 15:22
>> An: Zwettler Markus (OIZ) <Markus.Zwettler@zuerich.ch>; pgsql-
>> general@lists.postgresql.org
>> Betreff: [Extern] Re: PG16.1 security breach?
>>
>> On 6/7/24 07:04, Zwettler Markus (OIZ) wrote:

> 
> Argh. No! What a bad habit!
> 
> Might be good idea for an enhancement request to create a global parameter to disable this habit.

Read this

https://www.postgresql.org/docs/current/ddl-priv.html

through several times, it will make things clearer. In particular the 
part that starts "PostgreSQL grants privileges on some types of objects 
to PUBLIC by default when the objects are created. ..."

> 
> Thanks Markus
> 

-- 
Adrian Klaver
adrian.klaver@aklaver.com