This is also one of the important discussion for PostgreSQL Professional.
In PostgreSQL, when you create a new user without specifying any grant or rule, by default it user has access to all databases.
Postgres internally provides PUBLIC grant to newly created user.
As we are Database Proffesional and database security is one of major concern for us.
If you want to prevent user to access all databases, use below REVOKE script.
REVOKE CONNECT ON DATABASE database_name FROM PUBLIC;
My advice is to always create your customize database role for application and read only user.
After executing this revoke command, you can grant this CONNECT to your Database Role.
GRANT CONNECT ON DATABASE database_name TO role_name;
Please share your ideas and opinions about this topic with me, your contribution will add true value to this topic.
If anyone has doubts on this topic then please do let me know by leaving comments or send me an email.
If you like this post, then please share it with others.
Please follow dbrnd.com, I will share my experience towards the success of Database Research and Development Activity.
I put up a post every day, please keep reading and learning.
Discover Yourself, Happy Blogging !
Anvesh M. Patel.