Re: PostgreSQL - Mailing list pgsql-general

RLS policy it only affects to command as SELECT, INSERT, UPDATE, DELETE or can affects to operations on whole database, table like vacuum or reindex etc ?

Wiadomość napisana przez Giovanni Biscontini <biscontini.g@es2000.it> w dniu 07.02.2023, o godz. 12:16:



Hi Joseph,

   one way to filter without RLS is using functions to make queries:

this way you can cross check input parameters with login user (= user issuing query). Using functions slow an execution but incapsulate query letting you be able even to parse input parameters and filter results. Sorry but I have no time ref for RLS, and remember that before you can use RLS you must enable it on the table you want to use in.

best regards, Giovanni

Il giorno mar 7 feb 2023 alle ore 12:02 Joseph Kennedy <joseph.kennedy.486@gmail.com> ha scritto:

I would like restrict access to sensitive or restricted information for some users (eg. hide data of one or more clients for some database users).

PostgreSQL allows to create security policy as Row-Level Security, policies based on the querying user.


Are there any other alternatives to RLS, are there any better solutions??

What are  the advantages and disadvantages of RLS?

How much RLS will cause a decrease in database performance?

JK