Before moving on to real-world, practical examples, I want to briefly shift your attention to the various layers of security we will be dealing with. When working on security, it helps to keep these layers in mind so that you can approach security-related issues in an organized way.
Here is my mental model:
- Bind addresses: listen_addresses in the postgresql.conf file
- Host-based access control: The pg_hba.conf file
- Instance-level permissions: Users, roles, database creation, login, and replication
- Database-level permissions: Connecting, creating schemas, and so on
- Schema-level permissions: Using schemas and creating objects inside a schema
- Table-level permissions: Selecting, inserting, updating, and so on
- Column-level permissions: Allowing or restricting access to columns
- Row-level security: Restricting access to rows
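The following walk-through is an added example, not part of the original text. It touches each layer of the list once, from the outside in. The database `appdb`, the role `report_reader`, the schema `sales`, its tables, and the 192.0.2.0/24 network are all hypothetical names chosen for illustration.

```sql
-- Layer 1, bind addresses (postgresql.conf): accept connections on the
-- loopback interface only. Changing listen_addresses needs a server restart.
ALTER SYSTEM SET listen_addresses = '127.0.0.1';

-- Layer 2, host-based access control (pg_hba.conf, not SQL). A constructed
-- entry that lets report_reader reach appdb from one network with SCRAM:
--   host  appdb  report_reader  192.0.2.0/24  scram-sha-256

-- Layer 3, instance-level permissions: a role that may log in but cannot
-- create databases, create roles, or start replication.
-- (Set its password separately, for example with \password in psql.)
CREATE ROLE report_reader LOGIN NOCREATEDB NOCREATEROLE NOREPLICATION;

-- Layer 4, database-level permissions: remove the default PUBLIC access
-- and allow only the named role to connect.
CREATE DATABASE appdb;
REVOKE ALL ON DATABASE appdb FROM PUBLIC;
GRANT CONNECT ON DATABASE appdb TO report_reader;

-- Run the remaining statements while connected to appdb.

-- Layer 5, schema-level permissions: USAGE lets the role look up objects
-- in the schema; without CREATE it cannot add objects of its own.
CREATE SCHEMA sales;
GRANT USAGE ON SCHEMA sales TO report_reader;

CREATE TABLE sales.regions (region text PRIMARY KEY);
CREATE TABLE sales.orders (
    id          int PRIMARY KEY,
    region      text REFERENCES sales.regions,
    amount      numeric,
    card_number text
);

-- Layer 6, table-level permissions: read access to a whole table.
GRANT SELECT ON sales.regions TO report_reader;

-- Layer 7, column-level permissions: card_number is left out, so any
-- query by report_reader that references it fails with "permission denied".
GRANT SELECT (id, region, amount) ON sales.orders TO report_reader;

-- Layer 8, row-level security: of the rows that remain, report_reader
-- sees only those that satisfy the policy.
ALTER TABLE sales.orders ENABLE ROW LEVEL SECURITY;
CREATE POLICY emea_only ON sales.orders
    FOR SELECT TO report_reader
    USING (region = 'EMEA');
```

The column grant on `sales.orders` only restricts anything because no table-level `SELECT` was granted on that table; a table-level grant would cover every column.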
In order to read a value, PostgreSQL...