From: | Joseph Kennedy <joseph(dot)kennedy(dot)486(at)gmail(dot)com> |
---|---|
To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Giovanni Biscontini <biscontini(dot)g(at)es2000(dot)it>, pgsql-general(at)postgresql(dot)org |
Subject: | Re: PostgreSQL |
Date: | 2023-04-02 21:21:26 |
Message-ID: | CC59E8B4-02E1-45B1-8030-1FD44665CA7D@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
> Wiadomość napisana przez Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> w dniu 09.02.2023, o godz. 16:42:
>
> On Thu, 2023-02-09 at 09:54 +0100, Joseph Kennedy wrote:
>> As I wtote, I would like restrict access to sensitive or restricted information
>> for some users (eg. hide data of one or more clients for some database users).
>>
>> My question is: do you know some other solution to do that ?
>
> It is easy to hide data from users: use permissions or row level security.
>
> It is impossible to hide metadata from users, but we don't consider that a problem.
>
> If you want that, use a database or a database cluster per user.
>
> Yours,
> Laurenz Albe
I have one more question on this topic regarding Row Level Security.
I would like to hide some rows for users who should have full rights to database eg. create Index, drop table, create tabel etc. but e.g. create index can be done by owner or superusers but they are bypassed by Row Level Security.
Is possible to use RLS for users who should have full rights to database ?
From | Date | Subject | |
---|---|---|---|
Next Message | Jason McLaurin | 2023-04-02 22:25:19 | Very slow queries followed by checkpointer process killed with signal 9 |
Previous Message | Adrian Klaver | 2023-04-02 15:40:14 | Re: jsonb @@ jsonpath operator doc: Only the first item of the result is taken into account |