Hi all,
I have a postgresql 15 instance with two databases in it, and I have a need to grant read-only access to one of those
databasesto a given user.
To do this I created a dedicated role for readonly access to the database db1:
CREATE ROLE "dv_read_db1"
GRANT CONNECT ON DATABASE db1 TO dv_read_db1
GRANT USAGE ON SCHEMA public TO “dv_read_db1"
GRANT SELECT ON ALL TABLES IN SCHEMA public TO “dv_read_db1"
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO “dv_read_db1"
CREATE USER minfrin LOGIN;
GRANT dv_read_db1 TO minfrin;
On the surface this works, I get readonly access to db1.
Trouble is, I can create tables in db1 which is write access. I can also connect to db2 (bad), and I can enumerate the
tablesin db2 (bad), although the queries of the contents say access is denied.
I appears the mechanism I am using above has insecure side effects.
What is the way to grant read only access to a single database, without exposing other databases, and being futureproof
againstfuture features offering potential write access to a read only user?
Regards,
Graham
—