Re: Preventing in-session 'set role' commands

VO Ipfix writes: > Hello everyone! I am working on a multi-tenant (sigh) DB design using > schemas. I anticipate a bunch of junior developers coming in before we > fully mature our testing process, so SQLi is a concern. Basically, I want > to have a role for each tenant, and have a user/role that

RE: Preventing in-session 'set role' commands

Maybe check out the set_user extension: https://github.com/pgaudit/set_user Steve.

Re: Preventing in-session 'set role' commands

On Tue, Aug 6, 2019 at 10:26 AM VO Ipfix wrote: > > Is this something that can be accomplished with PostgreSQL? Any suggestions > thoughts are welcome, however tangential Perhaps SET SESSION AUTHORIZATION? Luca