PostgreSQL: Why New User can access all Databases without any Grants

The Database security is always one of the major tasks for all the Database Administrators.
I have also prepared one article to create Read only User in PostgreSQL.

PostgreSQL: Script to Create a Read-Only Database User

In this post, I am sharing small note about REVOKE privileges for newly created Database Users of PostgreSQL.

Before a few days ago, one of the PostgreSQL Junior DBA asked this question on my FB Page. He created one new DB User in PostgreSQL and without giving a any permission that USER can CONNECT to all Databases.

Yes: When you create any new DB User in PostgreSQL, It has a default CONNECT privileges.
But It cannot access any Table or data of Databases, yes It can create new Table in any Database.

To prevent a new User for connecting any existing Database, we should run REVOKE command on particular User or Role.

REVOKE CONNECT privileges from Database:

REVOKE all privileges from Database:

You should GRANT only required Databases:

Please share your ideas and opinions about this topic with me, your contribution will add true value to this topic.
If anyone has doubts on this topic then please do let me know by leaving comments or send me an email.

If you like this post, then please share it with others.
Please follow, I will share my experience towards the success of Database Research and Development Activity.

I put up a post every day, please keep reading and learning.
Discover Yourself, Happy Blogging !
Anvesh M. Patel.

More from

Leave a Reply

Be the First to Comment!

Notify of