REVOKE ALL ON DATABASE db_name FROM user_name;
revoke all on all tables in schema public from zabbix;
Readonly User:
revoke all on schema public from public;
create role zabbix login password 'some_pass';
grant usage on schema public to zabbix;
grant select on public.some_table to zabbix;
When you create a new database, any role is allowed to create objects in the public schema. To remove this possibility, you may issue immediately after the database creation:
REVOKE ALL ON schema public FROM public;Edit: after the above command, only a superuser may create new objects inside the public schema, which is not practical. Assuming a non-superuser foo_user should be granted this privilege, this should be done with:
GRANT ALL ON schema public TO foo_user;
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.