Hi charlin, I invite you to read this doc it explains very well the security issue with the public schéma : https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058:_Protect_Your_Search_Path
The main problem with the public schéma is the default privileges (execute) granted to all users able to connect. Personally, each time i create a database, i remove the public schema Regards Thomas Le lun. 23 avr. 2018 à 17:00, Charlin Barak <charlinba...@gmail.com> a écrit : > Hi, > We will be developing three new applications in PostgreSQL, each having > its own database instance running on different hosts. We will only have one > schema per Postgres instance. The data is read-write only by one > application/schema in the DB instance and the data is published to other > applications via API calls. > > In such a standalone database configuration, are there any security > implications or any downsides to creating the application in the public > schema? > > Thanks. > > >