Re: row_security GUC, BYPASSRLS

On Tue, Sep 15, 2015 at 03:18:21PM -0400, Adam Brightwell wrote:
> On Tue, Sep 15, 2015 at 2:26 PM, Joe Conway <mail@joeconway.com> wrote:
> >> Joe Conway <mail@joeconway.com> writes:
> >>> There are use cases where row_security=force will be set in production
> >>> environments, not only in testing.

> > Noah's suggestion of using a per table attribute
> > would work -- in fact I like the idea of that better than using the
> > current GUC.
> 
> FWIW, I also concur with a per table attribute for this purpose.  In
> fact, I think I really like the per-table flexibility over an
> 'all-or-nothing' approach better too.

Great.  Robert, does that work for you, too?  If so, this sub-thread is
looking at three patches:

1. remove row_security=force
2. remove SECURITY_ROW_LEVEL_DISABLED; make ri_triggers.c subject to policies
3. add DDL-controlled, per-table policy forcing

They ought to land in that order.  PostgreSQL 9.5 would need at least (1) and
(2); would RLS experts find it beneficial for me to take care of those?

Thanks,
nm