| From: | "MS (direkt)" <martin(dot)stoecker(at)stb-datenservice(dot)de> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: RLS for superuser |
| Date: | 2016-12-08 07:38:34 |
| Message-ID: | 03f83676-a337-ed9b-069a-a36076c0e2d0@stb-datenservice.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Hi Gaurav,
you can't restrict superuser rights via RLS.
IMHO that's obvious because superuser will do administrative task like
dump_all and so on.
Regards Martin
Am 08.12.2016 um 08:32 schrieb Gaurav Tomar:
> Hi All,
>
> We are developing an application which will connect to the PostgreSQL
> 9.5 at backend.
> We do not want any DB role/user including superuser to access the
> table data from the backend, only if the user is logging in from the
> application can see the data.
>
> To achieve this we have created policies and enable RLS on the tables.
> By enabling the RLS and creating policies we are able to restrict all
> the DB user/role including table owner of the table but not able to
> restrict superuser.
>
> Regards,
>
> Gaurav
>
> +91 876 265 4621
>
--
Widdersdorfer Str. 415, 50933 Köln; Tel. +49 / 221 / 9544 010
HRB Köln HRB 75439, Geschäftsführer: S. Böhland, S. Rosenbauer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2016-12-08 13:54:00 | Re: RLS for superuser |
| Previous Message | Gaurav Tomar | 2016-12-08 07:32:31 | RLS for superuser |