First I don’t know what I was thinking… I think this only change the default for the current use… not all users; I just
neveruse this form.
alter default privileges in schema readonly grant select on tables to readonly;
> On Nov 7, 2018, at 2:08 AM, pavan95 <pavan.postgresdba@gmail.com> wrote:
>
> Rui,
>
> Thanks for responding. I'm perfectly alright with this approach. But can we
> do the same in "PUBLIC" schema??
>
Yeah; but why I think it already defaults to that; like I said before you should drop the public schema and not use it.
The other option is to revoke from the public role on the public schema.
I normally create a schema owner user that owns the objects and is only use for creating objects. Then I alter it
defaultprivileges to grant what ever access the application needs and other user role needs, etc. It’s always better
tobe granular if you development model supports it instead of sweeping rules.