On Wednesday, August 9, 2023, Erik Nelson <e...@nsk.io> wrote: > I have a lab with a database that I would like to use as a "multi-tenant" > database, in that I would like to create a database for each of the > applications that I'm running and segregate access so that user foo and > user bar cannot see anything about their neighbors. I'm somewhat surprised > to discover that any new user, *by default*, has the ability to list > databases > This cannot be prevented.
> , connect to them > https://www.postgresql.org/docs/current/sql-alterdefaultprivileges.html > and list their tables. > Requires being connected to the database being inspected. > My understanding is that this ability is inherited from the public role > (could use confirmation of this)? > Yes, public is what gets the default connection grant to newly created databases. David J.
