Re: [NOVICE] Column level security question

Hi Tom,
    Thank you very much for your information.  The column level select right is based on grant to user or role.  What I
amreally looking for is something like row level security that allows developer to develop policy and function to hide
columnor columns.  I hope the example below can clarify the request. 

For example:  a function that only allow deptno=30 or resp=10 to see column named 'sale' and 'card_num' and a policy
thatapplied to the table that can carry out the function.  So only user in deptno 30 or responsibility level equal to
10can see  column named 'sale' and 'card_num' without using role.  Such that the security can be relied on the data
ownernot the DBA.  


Garry



-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Wednesday, June 21, 2017 11:45 AM
To: Garry Chen <gc92@cornell.edu>
Cc: pgsql-novice@postgresql.org
Subject: Re: [NOVICE] Column level security question

Garry Chen <gc92@cornell.edu> writes:
>                 PostgreSQL has row level security by using policy but is there a column level security policy or
functionfor it?  If not, is the development of column level security under the development/wish list for PostgreSQL new
features?

If you're looking for column-level granularity of GRANT/REVOKE privileges, we have that, eg you can grant the right to
SELECTonly some columns from a table. 

If that's not what you have in mind, you need to be clearer.

            regards, tom lane