Non-owners have viewing/editing permissions?

Is it on purpose that roles (created using the web UI) have permissions to edit databases they do not own?

1 Like

I believe what you describe here is related to public schema privileges in Postgres, and I suspect you might have a Neon project created with PG14.

Please check out the Public Schema privileges section in this topic: Manage database access

“When creating a new database, Postgres creates a schema named public in the database and permits access to the schema to a predefined Postgres role named public. Newly created roles in Postgres are automatically assigned the public role. In Postgres 14, the public role has CREATE and USAGE privileges on the public schema. In Postgres 15 and higher, the public role has only USAGE privileges on the public schema.”