Default privileges for new users on public schema?

I just created a database with an additional application schema.

And for our Java Spring Boot applications I created a new role with the following SQL scripts for setting up the privileges:

CREATE USER app_role WITH ENCRYPTED PASSWORD '#########';

GRANT ALL ON SCHEMA application TO app_role;

Now my expectation was that I could only create and delete tables within the schema application when logging in with this role.

However, I am also able to create and modify tables in the schema public.

Are there any default privileges for the public schema?

Why can I create tables in schemas I did not grant any privileges to?

Solution

The public schema has a special role in PostgreSQL, as the documentation describes.

If you don't want that (and it can be a security problem), you can either REVOKE the CREATE privilege or even drop the schema alogether.

How to reload PostgreSQL configuration
Why should I create separate payment table for orders table for ecommerce database
serial in postgres is being increased even though I added on conflict do nothing
RowVersion implementation on Entity Framework for PostgreSQL
Allow docker container to connect to a local/host postgres database
Supabase: how to query users by eMail?
Postgres jsonpath for referencing either singleton element or array of elements
Postgres Json(b) int array contains any of array values
Rownum in postgresql
How to generate random string for all rows in postgres
TypeORM: subscribe to two models
Calculate sum of int column based on count of another column
ERROR: integer out of range on Postgresql
use the returned value of the query as a foreign key without starting a new transaction or dropping foreign key constraint
Prioritizing one row over another, if it exists
org.postgresql.util.PSQLException: ERROR: function lower(bytea) does not exist
Why does this multiple "DO" block script work in DBeaver but fail in pgAdmin?
How to achieve message deduplication when using MassTransit with postgres transport and EF Core for persistence
Call a function for each row in select - Postgres
How to remove last element from array?
Alembic keeps deleting and recreating Foreign Keys during autogenration
Golang postgresql query with transactions and squirrel
Docker Compose: The "Hh" variable is not set. Defaulting to a blank string
postgresql "keepalives" parameter
How to make supabase reflect whatever is on my payload cms
Create Postgis Polygon from Geometry Points with adding X metres to polygon boundaries
Convert string back to array of tuples
How to connect GraphQL and PostgreSQL
Why does updating a table in PostgreSQL need disk storage?
PostgreSQL splitting time range into days