On Mon, Oct 26, 2009 at 10:32:05AM -0500, Michael Gould wrote: > In our system we have a hybrid security system. [...] > Trying to maintain the database > to match the application security would become cumbersome for our customers.
Have you looked at using functions protected by "security definer"? I tend to use these a lot when I want to enforce any remotely complicated security properties. The functions can go away and check whatever properties you want and allowing you to have a parallel set of checks going on to the stuff directly supported by PG. -- Sam http://samason.me.uk/ -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
