Home > mailing lists

Rationale for PUBLIC having CREATE and USAGE privileges on the schema"public" by default - Mailing list pgsql-general

From	Olegs Jeremejevs
Subject	Rationale for PUBLIC having CREATE and USAGE privileges on the schema"public" by default
Date	February 17, 2018 05:50:48
Msg-id	CAOpVyVv1U_uwU2wY4VWMuqOuGvtLjpf9OHoRXC-SoQom6rbPPg@mail.gmail.com Whole thread Raw
Responses	Re: Rationale for PUBLIC having CREATE and USAGE privileges on theschema "public" by default ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-general

Tree view

Hi,

I'm aware that these default privileges are documented:

https://www.postgresql.org/docs/10/static/ddl-schemas.html#DDL-SCHEMAS-PRIV

However, I'm unable to find any reasoning behind their existence. Normally, one can just revoke them and move on, but they have caused me some trouble in a managed deployment (Compose, where you can't login as the owner of the schema or as a superuser, so it's impossible to do the revocation, so you're essentially forced to use a non-public schema), and I would like to understand the need for them.

I assume they make it a bit easier for new users to try out the database, and I see that they go at least as far as 7.3, but has there been any discussion of removing them? And if so, why was it decided to keep them?

Regards,

Olegs

pgsql-general by date:

From: Thiemo Kellner
Date: 17 February 2018, 05:49:56
Subject: Re: Dynamic PL/pgSQL select query: value association propblem

From: Ken Tanzer
Date: 17 February 2018, 06:22:18
Subject: Re: Trigger (or something similar) on table rename?

Rationale for PUBLIC having CREATE and USAGE privileges on the schema"public" by default - Mailing list pgsql-general

Previous

Next