Re: Database security granularity

Michael Trausch <michael.trausch@comcast.nope.net> writes:
> I'd like to know if I can constrict database and data access
> on a row-level with PgSQL by using some sort of trickery in the database
> configuration itself.

You could do this with views, on the order of

    create view secure_view as
    select * from base_table where access_allowed(current_user, ...);

where you need to write an access_allowed function that implements your
security policy (probably based on fields in the base table that are not
reflected in the view, so it's not really gonna be "select *").  Then
you grant access to the view but not the base table to the users.

Also, take a look at
    http://pgfoundry.org/projects/veil/
and search the archives for past discussions of row-level security.

            regards, tom lane