Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-25 Thread Dowwie
Thanks, Stephen and David for your responses. My setup is as you described it. Thanks for clarifying.

--
View this message in context: http://postgresql.nabble.com/Row-level-Security-vs-Application-level-authz-tp5839069p5839291.html
Sent from the PostgreSQL - general mailing list

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Karsten Hilbert
> * David Steele (da...@pgmasters.net) wrote: > > So I guess my last question is if you are inserting rows into a table to > > track user connections, how do you clean them out when the client does > > not disconnect cleanly? Or is this table intended to be append-only? > > It wouldn't be intende

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Stephen Frost
Adam, * Adam Hooper (a...@adamhooper.com) wrote: > On Tue, Feb 24, 2015 at 8:37 PM, Stephen Frost wrote: > > * David Steele (da...@pgmasters.net) wrote: > >> So I guess my last question is if you are inserting rows into a table to > >> track user connections, how do you clean them out when the cl

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Adam Hooper
On Tue, Feb 24, 2015 at 8:37 PM, Stephen Frost wrote: > * David Steele (da...@pgmasters.net) wrote: >> So I guess my last question is if you are inserting rows into a table to >> track user connections, how do you clean them out when the client does >> not disconnect cleanly? Or is this table int

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Stephen Frost
* David Steele (da...@pgmasters.net) wrote: > So I guess my last question is if you are inserting rows into a table to > track user connections, how do you clean them out when the client does > not disconnect cleanly? Or is this table intended to be append-only? It wouldn't be intended to be appe

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread David Steele
On 2/24/15 3:31 PM, Stephen Frost wrote: > * David Steele (da...@pgmasters.net) wrote: >> On 2/24/15 3:07 PM, Stephen Frost wrote: >>> The problem with a temporary table is, well, it goes away. :) There are >>> further concerns that, because it's created in some fashion by the >>> single applicati

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Stephen Frost
* David Steele (da...@pgmasters.net) wrote: > On 2/24/15 3:07 PM, Stephen Frost wrote: > > The problem with a temporary table is, well, it goes away. :) There are > > further concerns that, because it's created in some fashion by the > > single application user, it might be less secure. Really, t

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread David Steele
On 2/24/15 3:07 PM, Stephen Frost wrote: > * David Steele (da...@pgmasters.net) wrote: >> On 2/23/15 8:16 PM, Stephen Frost wrote: >>> * David G. Johnston (david.g.johns...@gmail.com) wrote: I take it that the table has to be permanent otherwise you would have suggested and unlogged

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread Stephen Frost
* David Steele (da...@pgmasters.net) wrote: > On 2/23/15 8:16 PM, Stephen Frost wrote: > > * David G. Johnston (david.g.johns...@gmail.com) wrote: > >> I take it that the table has to be permanent otherwise you would have > >> suggested > >> and unlogged temporary table as the target... > > > > A

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-24 Thread David Steele
On 2/23/15 8:16 PM, Stephen Frost wrote: > * David G. Johnston (david.g.johns...@gmail.com) wrote: >> I take it that the table has to be permanent otherwise you would have >> suggested >> and unlogged temporary table as the target... > > A temporary table would have to be recreated each time and t

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread Stephen Frost
* David G. Johnston (david.g.johns...@gmail.com) wrote: > On Mon, Feb 23, 2015 at 6:01 PM, Stephen Frost wrote: > > > * David G Johnston (david.g.johns...@gmail.com) wrote: > > > My quick take-away from RLS compared to traditional multi-tenant security > > > policies is that with RLS you move the

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread David G. Johnston
On Mon, Feb 23, 2015 at 6:01 PM, Stephen Frost wrote: > * David G Johnston (david.g.johns...@gmail.com) wrote: > > My quick take-away from RLS compared to traditional multi-tenant security > > policies is that with RLS you move the security logic into the database > and > > leverage the native da

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread Stephen Frost
* David G Johnston (david.g.johns...@gmail.com) wrote: > My quick take-away from RLS compared to traditional multi-tenant security > policies is that with RLS you move the security logic into the database and > leverage the native database roles. Your model likely makes use of a single > user asso

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread David G Johnston
Darin Gordon wrote > I'm trying to understand the extent that row level security in postgresql > 9.5 may replace, or augment, application-level access control. > > I have a fully implemented application-level access control policy. It's > not clear to me how I will integrate or replace it with RL

Re: [GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread Stephen Frost
Darin, * Darin Gordon (dar...@gmail.com) wrote: > I'm trying to understand the extent that row level security in postgresql > 9.5 may replace, or augment, application-level access control. Neat! > I have a fully implemented application-level access control policy. It's > not clear to me how I w

[GENERAL] Row-level Security vs Application-level authz

2015-02-23 Thread Darin Gordon
I'm trying to understand the extent that row level security in postgresql 9.5 may replace, or augment, application-level access control. I have a fully implemented application-level access control policy. It's not clear to me how I will integrate or replace it with RLS. Craig Ringer mentioned in