Re: Add SECURITY_INVOKER_VIEWS option to CREATE DATABASE
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: Steve Chavez <steve@supabase.io>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-01-27T18:02:34Z
Lists: pgsql-hackers
On Tuesday, January 27, 2026, Steve Chavez <steve@supabase.io> wrote: > Hello hackers, > > Currently views are not secure by default since they bypass RLS. > PostgreSQL 15 introduced the `WITH (security_invoker = true)` option for > this but it's easy to miss on every new view created. > > It's also inconsistent with functions, which default to SECURITY INVOKER. > I’d be more inclined to change this incompatibility than try to affect action at a distance with a database setting. But suspect the status-quo is likely to prevail. Maybe we need a view of views that reference RLS relations that aren’t security_invoker? Add something to the docs? If one knows enough to enable a database setting they can institute different less problematic solutions as well. Maybe we provide an event trigger example. David J.