On Wed, Jun 26, 2024 at 2:42 PM David G. Johnston <david.g.johnston@xxxxxxxxx> wrote: > On Wednesday, June 26, 2024, Dominique Devienne <ddevienne@xxxxxxxxx> wrote: >> Only session_user >> is representative of the caller, and reliable (modulo SUPERUSER and >> SET AUTHORIZATION, but that's a different story and kinda normal) > > Why can you not use session_user then? Hi. As I already wrote above, the current_role matters in our security model. The LOGIN user (i.e. session_user) is used only for authentication to the DB and to connect. All other security concerns are on other app-maintained (NOLOGIN) roles, used for authorization. --DD
