On Fri, 2024-06-07 at 07:42 -0700, David G. Johnston wrote:
> On Friday, June 7, 2024, Laurenz Albe <laurenz.a...@cybertec.at> wrote:
> > On Fri, 2024-06-07 at 13:54 +0000, Zwettler Markus (OIZ) wrote:
> > > > Another point to keep in mind is that by default, execute privilege is granted to
> > > > PUBLIC for newly created functions (see Section 5.7 for more information).
> > > 
> > > Argh. No! What a bad habit!
> > > 
> > > Might be a good idea for an enhancement request to create a global
> > > parameter to disable this habit.
> > 
> > I don't see the problem, since the default execution mode for functions is
> > SECURITY INVOKER.
> > 
> > But you can easily change that:
> > 
> >   ALTER DEFAULT PRIVILEGES FOR ROLE function_creator REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
> 
> You named function_creator here when in this example the role creating the
> new object is postgres.

Then use "postgres" rather than "function_creator".

An ALTER DEFAULT PRIVILEGES statement always only changes default privileges
for objects created by a certain user.

> How is it that the default privilege granted to public doesn’t seem to care
> who the object creator is yet when revoking the grant one supposedly can only
> do so within the scope of a single role?

I don't understand what you wrote.  ALTER DEFAULT PRIVILEGES also only applies
to objects created by a single role when you grant default privileges.

Yours,
Laurenz Albe
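
Added example, not part of the original messages: a scratch-database session showing that the revoke discussed above is scoped to the creating role, followed by an audit query for SECURITY DEFINER functions that PUBLIC can still execute. The role and function names (app_owner, other_owner, reader, f_restricted, f_open) are hypothetical; run it as a superuser.

```sql
-- Constructed demo roles; names are hypothetical.
CREATE ROLE app_owner;
CREATE ROLE other_owner;
CREATE ROLE reader;
GRANT CREATE ON SCHEMA public TO app_owner, other_owner;

-- Changes the default only for functions that app_owner creates from now on.
-- No IN SCHEMA clause: the built-in PUBLIC grant can only be removed globally.
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner
    REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;

SET ROLE app_owner;
CREATE FUNCTION f_restricted() RETURNS int LANGUAGE sql AS 'SELECT 1';
RESET ROLE;

-- other_owner has no altered defaults, so the built-in PUBLIC grant applies.
SET ROLE other_owner;
CREATE FUNCTION f_open() RETURNS int LANGUAGE sql AS 'SELECT 1';
RESET ROLE;

-- Compare what an unrelated role may execute for each creator's function.
SELECT has_function_privilege('reader', 'f_restricted()', 'EXECUTE') AS reader_can_run_restricted,
       has_function_privilege('reader', 'f_open()', 'EXECUTE')       AS reader_can_run_open;

-- Show which creator roles have non-built-in defaults recorded.
SELECT defaclrole::regrole           AS creator,
       defaclnamespace::regnamespace AS schema_scope,
       defaclobjtype,
       defaclacl
FROM pg_default_acl;

-- Audit: SECURITY DEFINER functions outside the system schemas that PUBLIC
-- may execute. These run with the owner's rights for any caller.
SELECT p.oid::regprocedure AS function_signature,
       p.proowner::regrole AS owner
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND has_function_privilege('public'::name, p.oid, 'EXECUTE');

-- Clean up the demo objects.
DROP FUNCTION f_restricted();
DROP FUNCTION f_open();
ALTER DEFAULT PRIVILEGES FOR ROLE app_owner GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
REVOKE CREATE ON SCHEMA public FROM app_owner, other_owner;
DROP ROLE app_owner, other_owner, reader;
```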

