Anon privilege?

I ran

select grantee, privilege_type, table_schema, table_name
from information_schema.role_table_grants
where grantee in ('anon');

select grantee, privilege_type, table_schema, table_name
from information_schema.role_table_grants
where grantee in ('anon');

And was shocked to find a lot of access for anon. shouldnt these be revoke by defaul. Can i safely revoke all of them? Only authenticated users may use my app, anon is only to become authenticated.

message.txt

2 Replies

silentworks•7d ago

If you are using the Data API you should not be revoking these. You will be left with unexpected behavior if you do revoke these. Supabase sets up sane defaults, if you modify them you do so at your own risk.

IdrisOP•7d ago

I see, thanks!

Gaming

Programming

Anon privilege?

Did you find this page helpful?