Follow
I've always considered applications using the 'postgres' default database not to be best practice, especially when they are authing as the 'postgres' user.
Do other #postgresql people agree with that?
@intrbiz fully agree, this is a terrible idea
@intrbiz I would not miss it much on my side if it did not exist.
@intrbiz yes, certainly. That is more or less the equivalent to always logging into your computer as root/Administrator.
It hurts the principle of least privilege.
If you need DDL privileges, create a user and give him his owned database but use superuser privileges as little as possible in a real application.
@intrbiz and what about using the public schema? 😉
Personally I don‘t mind using the postgres database but using the postgres user for an application is a big red flag for me.
@intrbiz I do