Hello, I just want to verify that what I'm observing is true, and if it is, I'd like to know how to avoid it:
1. There are databases owned by a certain role which is a superuser 2. Nobody logs in with the superuser role unless necessary 3. But they do log in with "developer" roles which are inherited from the owner role. These developer roles are not superusers themselves, but have the CREATEDB flag 4. The developer roles can still drop the databases. I've tried it on a dummy database and it apparently works as described here. Is this by design? If it is, is there a way to prevent the developer roles from dropping the databases? What are the best practices for this sort of scenario where there is a single owner of all the schema (which is large), where developers need access to everything but cannot do something as drastic as dropping the dbs (and possibly tables)?
