| From: | Noah Misch <noah(at)2ndQuadrant(dot)com> |
|---|---|
| To: | Yeb Havinga <yebhavinga(at)gmail(dot)com> |
| Cc: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, Robert Haas <robertmhaas(at)gmail(dot)com>, Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, Kohei Kaigai <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [v9.2] Fix leaky-view problem, part 2 |
| Date: | 2011-07-20 14:43:03 |
| Message-ID: | 20110720144302.GG14580@tornado.leadboat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jul 20, 2011 at 04:23:10PM +0200, Yeb Havinga wrote:
> On 2011-07-20 16:15, Yeb Havinga wrote:
>> On 2011-07-20 16:06, Noah Misch wrote:
>>>
>>> The SQL-level semantics of the view define the access rules in
>>> question. How
>>> would you translate that into tests to apply at a lower level?
>> I assumed the leaky view thread was about row level security, not
>> about access rules to views, since it was mentioned at the RLS wiki
>> page for se-pgsql. Sorry for the confusion.
> Had to digg a bit for the wiki, it was this one :
> http://wiki.postgresql.org/wiki/RLS#Issue:_A_leaky_VIEWs_for_RLS
It is about row-level security, broadly. These patches close the hazard
described in the latter half of this page:
http://www.postgresql.org/docs/9.0/static/rules-privileges.html
In the example given there, "phone NOT LIKE '412%'" is the (row-level) access
rule that needs to apply before any possibly-leaky function sees the tuple.
--
Noah Misch http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2011-07-20 14:54:31 | Re: [v9.1] sepgsql - userspace access vector cache |
| Previous Message | Yeb Havinga | 2011-07-20 14:23:10 | Re: [v9.2] Fix leaky-view problem, part 2 |