On May29, 2012, at 16:34 , Robert Haas wrote: > One idea might be to have a grantable permission that permits the RLS > policy to be bypassed. So, if a user has only SELECT permission, they > can select from the table, but the RLS policy will apply. If they > have both SELECT and RLSBYPASS (probably not what we really want to > call it) permission, then they can select from the table and the RLS > policy will be skipped. This means that superusers automatically skip > all RLS policies (which seems right) and table owners skip them by > default (but could revoke their own privileges) and other people can > skip them if the table owner (or the superuser) grants them the > appropriate privilege on the table involved.
I like it. Seems to support all use-cases I can come up with, and extends existing privilege semantics in a natural way. best regards, Florian Pflug -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
