More obvious clarification is needed about how RLS interacts with views

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

More obvious clarification is needed about how RLS interacts with views

apt.postgresql.org Repository Update
The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/11/sql-createpolicy.html
Description:

It's not clear enough from reading the documentation on RLS security policy
that schema designers need to pay special attention to views and their
ownership.  (Views will bypass RLS security in the common case that they are
owned by a super user.)  I have seen this misunderstanding lead to
unexpected data exposure.

This *is* clarified at the very bottom of the Notes section on the `create
policy` document, but I believe it justifies having a clear and prominent
call out.  Thank you!