Postgres Pro
Downloads
Home   >   mailing lists

Re: "default deny" for roles - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: "default deny" for roles
Date
Msg-id 20120828181232.GE1267@tamriel.snowman.net
Whole thread Raw
In response to "default deny" for roles  (David Fetter <david@fetter.org>)
List pgsql-hackers
Tree view 
David,

* David Fetter (david@fetter.org) wrote:
> There are situations where a "default deny" policy is the best fit.

That's certainly true.  It's also what we *have*.  The only places where
we aren't "default deny" are places where things have been granted to
"public".

Feel free to revoke "public" from the objects in your environment.
Thanks,
    Stephen

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: "default deny" for roles
Next
From: Heikki Linnakangas
Date:
Subject: Re: SP-GiST micro-optimizations