undefined | Better HN

0 pointsanarazel10y ago0 comments

No, RLS does not necessarily require separate database users. Using database users is one relatively obvious way to use the feature, but you can very well do something like 'SELECT myapp_set_current_user(...)' or something, and use a variable securely set therein for the row restrictions.

0 comments

jimktrains210y ago

Interesting. I didn't think about doing that. 9.2 makes that much easier to do http://dba.stackexchange.com/questions/97095/set-session-cus...

Jweb_Guru10y ago

Yep. We do this where I work (the 9.4 equivalent using SECURITY BARRIER views) and it is extremely useful.

j / k navigate · click thread line to collapse

0 pointsanarazel10y ago0 comments

0 comments

jimktrains210y ago

Interesting. I didn't think about doing that. 9.2 makes that much easier to do http://dba.stackexchange.com/questions/97095/set-session-cus...

Jweb_Guru10y ago

Yep. We do this where I work (the 9.4 equivalent using SECURITY BARRIER views) and it is extremely useful.

j / k navigate · click thread line to collapse