Security on Ivan Luminaria

Roles and Users in PostgreSQL: Why Everything Is (Only) a ROLE

Tue, 10 Feb 2026 08:03:00 +0100

The first time I seriously worked with PostgreSQL I was coming from years of other databases. I looked for the CREATE USER command. I found it. Then I saw CREATE ROLE. Then ALTER USER. Then ALTER ROLE.
For a few minutes I thought: “Alright, someone here enjoys confusing people.”

Actually, no. PostgreSQL is far more consistent than it appears. It is just consistent in its own way.

In PostgreSQL there are no users. There are roles. #

The key is this: in PostgreSQL everything is a ROLE.

Users, Roles and Privileges in Oracle: Why GRANT ALL Is Never the Answer

Tue, 27 Jan 2026 08:03:00 +0100

It has happened to me more than once: I walk into an Oracle environment and find the same situation. Every application user connected as the schema owner, with the DBA role granted. Developers, batch jobs, reporting tools — all running with the same privileges as the user that owns the tables.

When you ask why, the answer is always some variation of: “This way everything works without permission issues.”

Sure. Everything works. Until the day a developer runs a DROP TABLE on the wrong table. Or a batch import does a TRUNCATE on a production table thinking it is in the test environment. Or someone runs a DELETE FROM customers without a WHERE clause.

MySQL Users: Why 'mario' and 'mario'@'localhost' Are Not the Same Person

Tue, 13 Jan 2026 08:03:00 +0100

A few weeks ago a client calls me. Pragmatic tone, seemingly trivial request:

“I need to create a user on MySQL for an application that needs to access a database. Can you take care of it?”

Sure. CREATE USER, `GRANT` , next.