Mercurial > gemma
changeset 313:10b93a8ee057
Lock out the PUBLIC more rigorously
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Wed, 01 Aug 2018 18:16:14 +0200 |
| parents | 0745b4d336c4 |
| children | adceb47920fb |
| files | schema/auth.sql |
| diffstat | 1 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/schema/auth.sql Wed Aug 01 17:35:12 2018 +0200 +++ b/schema/auth.sql Wed Aug 01 18:16:14 2018 +0200 @@ -5,12 +5,12 @@ -- -- We do not want any users to be able to create any objects -REVOKE CREATE ON SCHEMA public FROM PUBLIC; +REVOKE ALL ON SCHEMA public FROM PUBLIC; -- -- Privileges for waterway_user -- -GRANT USAGE ON SCHEMA users, waterway TO waterway_user; +GRANT USAGE ON SCHEMA public, users, waterway TO waterway_user; GRANT SELECT ON ALL TABLES IN SCHEMA public, users, waterway TO waterway_user; --