Up to PostgreSQL 8.3 it was only possible to grant (and revoke) permissions on the entire table. If column level permissions were needed, a workaround like a view solved (more or less) the problem: create the view with the required (allowed) columns, revoke all permissions from the underlaying table, grant permissions to the view.
This - of course - is uneloquent, error prone and does not scale well. For different users requiring access to different columns, a big number of views is needed.
PostgreSQL 8.4 solves the problem with a shiny new feature: column level permissions.
Continue reading "PostgreSQL 8.4: Column Permissions"