common issues with roles and privileges
we discover during security reviews.
Of course, PostgreSQL offers many advanced security-related features, one of them being Row Level Security
(RLS), available since PostgreSQL 9.5
As 9.5 was released in January 2016 (so just a few months ago), RLS is fairly new feature and we're not really dealing with many production deployments yet. Instead RLS is a common subject of "how to implement" discussions, and one of the most common questions is how to make it work with application-level users. So let's see what possible solutions there are.
A few days ago I've blogged about the
One of the services we offer are security reviews (or audits, if you want), covering a range of areas related to security. It may be a bit surprising, but a topic that often yields the most serious issues is roles and privileges. Perhaps the reason why roles and privileges are a frequent source of issues is that it seems to be quite simple and similar to things the engineers are familiar with (e.g. Unix system of users and groups), but it turns out there are a few key differences with major consequences.
The other parts are either very straightforward and understandable even for sysadmins without much PostgreSQL experience (e.g. authentication config in pg_hba.conf), or the engineers recognize the complexity and take their time to familiarize with the details (a good example of this is