Re: Add SECURITY_INVOKER_VIEWS option to CREATE DATABASE

Steve Chavez <steve@supabase.io>

From: Steve Chavez <steve@supabase.io>
To: Laurenz Albe <laurenz.albe@cybertec.at>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-01-28T20:43:54Z
Lists: pgsql-hackers
But that is a property of just regular views not necessarily
security_barrier right? i.e. "to be able to hide certain columns".

> Please don't top-post.

My bad, to be honest I don't understand how I can reply to different
paragraphs in a more structured way.
Are there guidelines/examples on the pg docs about this rule?

Best regards,
Steve

On Wed, 28 Jan 2026 at 15:28, Laurenz Albe <laurenz.albe@cybertec.at> wrote:

> On Wed, 2026-01-28 at 14:19 -0500, Steve Chavez wrote:
> > CMIIW, but wasn't security_barrier a mechanism to do RLS before actual
> RLS (policies) were introduced? So in a way aren't they superseded by RLS?
>
> I wouldn't say so.
>
> Creating a view that allows a user to see only certain columns of a table
> is something quite different from restricting the rows a user can operate
> on.
>
> Yours,
> Laurenz Albe
>