PostgREST
PostgreSQL Default Permissions
While I was trying to setup PostgREST (will make a post on that later), I noticed that there were a lot of issues with the default permissions for PostgreSQL Databases.
template1=# \dn+
List of schemas
Name | Owner | Access privileges | Description
--------+----------+----------------------+------------------------
public | postgres | postgres=UC/postgres+| standard public schema
| | =UC/postgres |
(1 row)
The main thing that was worrying here was =UC/postgres
. According to the docs,
this means that the postgres
user is granting all other users in PostgreSQL USAGE
and CREATE
permissions on the database.