Server public permissions
Applies to: SQL Server
This rule determines whether the public server role has server permissions. Every login that is created on the server is a member of the public server role. If this condition is met, every login on the server will have server permissions.
Best practices recommendations
Don't grant server permissions to the server public role.
Important
After setup completes the PUBLIC role has CONNECT permission on all the endpoints except the Dedicated Admin Connection. This is normal and should not be normally changed. (Access is controlled by using the CONNECT SQL permission which is automatically granted when new logins are created.)