| From: | Garry Chen <gc92(at)cornell(dot)edu> |
|---|---|
| To: | Stephen Froehlich <s(dot)froehlich(at)cablelabs(dot)com>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | "pgsql-novice(at)lists(dot)postgresql(dot)org" <pgsql-novice(at)lists(dot)postgresql(dot)org> |
| Subject: | RE: how to remove set_config from all user |
| Date: | 2018-01-18 20:13:34 |
| Message-ID: | BLUPR04MB38674E6DDD482CB5179EAE3DAE80@BLUPR04MB386.namprd04.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Thank you for your suggestion but I don’t think table partitioning is a practical solution for RLS.
Garry
From: Stephen Froehlich [mailto:s(dot)froehlich(at)cablelabs(dot)com]
Sent: Thursday, January 18, 2018 2:51 PM
To: Garry Chen <gc92(at)cornell(dot)edu>; David G. Johnston <david(dot)g(dot)johnston(at)gmail(dot)com>
Cc: pgsql-novice(at)lists(dot)postgresql(dot)org
Subject: RE: how to remove set_config from all user
Would table partitioning perhaps be a better way to do this?
--Stephen
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
What I try to do is performing a row level security by setting a variable such that RLS function can only return the rows base on the variable. I have two way to do this one is using SET SESSION AUTHORIZATION the other is set a variable by using set_config. If I use SET SESSION AUTHORIZATION it increase administration overhead. If I use set_config the potential wrong access of RLS is possible. Do you have any suggestion?
Garry
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Froehlich | 2018-01-19 05:23:26 | STATISTICS retained in CREATE TABLE ... LIKE (INCLUDING ALL)? |
| Previous Message | Stephen Froehlich | 2018-01-18 19:50:58 | RE: how to remove set_config from all user |