Users and the public
Privileges are granted to single users by name or to all users under the name of PUBLIC. Any privileges granted to PUBLIC serve as default privileges.
Before executing a statement, the database server determines whether a user has the necessary privileges. The information is in the system catalog. For more information, see Privileges in the system catalog tables.
The database server looks first for privileges that are granted specifically to the requesting user. If it finds such a grant, it uses that information. It then checks to see if less restrictive privileges were granted to PUBLIC. If they were, the database server uses the less restrictive privileges. If no grant has been made to that user, the database server looks for privileges granted to PUBLIC. If it finds a relevant privilege, it uses that one.
Thus, to set a minimum level of privilege for all users, grant privileges to PUBLIC. You can override that, in specific cases, by granting higher individual privileges to users.