Can we use PostrgreSQL's row-level-security to enable arbitrary query execution security in secure multi-tenant web applications?
Can we break out and access another tenants information?
No, this is handled using schemas, ownership and roles (users). Using RLS does not impact leaking data
between tenants. This allows us to give out SQL accounts that can run arbitrary queries without leaking data between
How can we protect against role or privileges escalation within a tenant?
Consider an application that has 3 user types (roles):