On Tue, May 17, 2022 at 6:47 PM Bryn Llewellyn <[email protected]> wrote:
> *[email protected] <[email protected]> wrote:* > > [email protected] wrote: > > The paragraph describes very surprising behavior in the present era of > "secure by default". The sentence "For maximum security..." at the end > emphasizes this and has you go to some effort (CREATE and REVOKE in the > same txn) to undo the "insecurity by default" paradigm. I s'pose that > compatibility on upgrade means that nothing can change here. > > > There is movement on this front coming in Postgres 15: > > https://www.postgresql.org/docs/devel/release-15.html > > > Do you mean that, for example, "create database x" will no longer imply > "grant connect on database x to public" and "create function f()" will no > longer imply "grant execute on function f() to public"? That would be good. > But I can't find wording to that effect on the page. > No, the changes are to the defaults for the public schema - which makes actually removing it from the database post-creation less necessary. David J.
