Graham Leggett <minf...@sharp.fm> writes:
> Trouble is, I can create tables in db1 which is write access. I can also
> connect to db2 (bad), and I can enumerate the tables in db2 (bad), although
> the queries of the contents say access is denied.

You need to read the docs about default privileges: see about halfway down

https://www.postgresql.org/docs/15/ddl-priv.html

where it says "PostgreSQL grants privileges on some types of objects to PUBLIC by default ...". In this case I think you likely need to revoke the default public CREATE privilege on schema public in db1, and revoke the default public CONNECT privilege on database db2.

regards, tom lane
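
The two revokes suggested in the reply above, followed by a check that they took effect, written as an added psql example that is not part of the original message. db1 and db2 are the database names from the thread; the role names app_user and db2_app are hypothetical.

```sql
-- Added example for psql; run as a superuser or as the owner of the objects.
-- db1/db2 come from the thread; app_user and db2_app are hypothetical roles.

-- 1. db2: remove the CONNECT privilege every role gets through PUBLIC.
REVOKE CONNECT ON DATABASE db2 FROM PUBLIC;
-- Roles that legitimately use db2 now need an explicit grant.
GRANT CONNECT ON DATABASE db2 TO db2_app;

-- 2. db1: remove the CREATE privilege on schema public held by PUBLIC.
--    Schema privileges are per database, so connect to db1 first.
\connect db1
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 3. Verify. The role name 'public' checks the PUBLIC pseudo-role itself;
--    a real role name checks that role's effective privileges, including
--    anything inherited through role membership, so look at both rows.
SELECT g.grantee,
       has_database_privilege(g.grantee::name, 'db2', 'CONNECT')  AS db2_connect,
       has_schema_privilege(g.grantee::name, 'public', 'CREATE')  AS db1_public_create,
       has_schema_privilege(g.grantee::name, 'public', 'USAGE')   AS db1_public_usage
FROM (VALUES ('public'), ('app_user')) AS g(grantee);

-- 4. Inspect the raw ACLs. A NULL ACL means the built-in defaults still
--    apply; after the revokes both objects carry an explicit ACL, and an
--    entry with an empty grantee (for example "=c/owner") is a grant to PUBLIC.
SELECT datname, datacl FROM pg_database WHERE datname IN ('db1', 'db2');
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public';
```

If app_user still shows `t` for db2_connect or db1_public_create after the revokes, the role is a superuser, owns the object, or holds the privilege through an explicit grant or a role it is a member of.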