
Row-Level Security sucks. Can we make it usable?

UA2.220 (Guillissen) | Day 2 | 16:00 - 16:50 | Speakers: Jimmy Angelakos


Abstract

Row-Level Security (RLS) in PostgreSQL is awesome, as it allows you to isolate each user or tenant's data, lock it down and default to "deny access"... but it sucks because it makes assumptions about your application that are not applicable in many cases.

Especially if your applications were developed without RLS in mind and you use a single app user to connect to the database, it's impossible to use RLS in any meaningful way.

In this talk, we'll look at possible ways to roll out RLS that can let you take advantage of this powerful feature in the real world.

PostgreSQL Documentation: Row Security Policies

Speakers

Jimmy Angelakos
