On 11/13/24 12:29, Alvaro Herrera wrote:
> On 2024-Nov-13, Vijaykumar Jain wrote:
>
>> I tried to grant select permissions to 5000 different roles on one table,
>> It failed with row size too big already at 2443.
> But you can grant select to one "reader" role, and grant that one role
> to however many other roles you want. This way you can have an
> arbitrary number of roles with indirect access to the table. In
> real-world usage, this is more convenient that granting access to
> individual roles on individual tables; likely, you'll grant access to
> sets of tables/views/functions/etc rather than exactly one, and you can
> manage that more easily if you have one intermediate role to modify than
> if you have to mess with 5000 individual roles.
Exactly! In the later versions, security gets more and more refined and
strengthened. So ppl should think about moving away from "public" , and
start implementing finer grained schemes of security, as you suggest. +
\dp shows prettier than having 1000+ users listed.
>
