Quick Links

Re: API change advice: Passing plan invalidation info from the rewriter into the planner?

From:	Craig Ringer <craig(at)2ndquadrant(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Adam Brightwell <adam(dot)brightwell(at)crunchydatasolutions(dot)com>
Cc:	Stephen Frost <sfrost(at)snowman(dot)net>, Craig Ringer <craig(at)hobby(dot)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)hobby(dot)2ndquadrant(dot)com>, Andres Freund <andres(at)hobby(dot)2ndquadrant(dot)com>, Greg Smith <greg(at)hobby(dot)2ndquadrant(dot)com>, Yeb Havinga <yeb(dot)havinga(at)portavita(dot)nl>
Subject:	Re: API change advice: Passing plan invalidation info from the rewriter into the planner?
Date:	2014-06-10 23:18:39
Message-ID:	5397924F.5070904@2ndquadrant.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On 06/11/2014 02:19 AM, Tom Lane wrote:
> Hm ... I'm not following why we'd need a special case for superusers and
> not anyone else? Seems like any useful RLS scheme is going to require
> more privilege levels than just superuser and not-superuser.

What it really needs is to invalidate plans when switching between
RLS-enabled and RLS-exempt users, yes. I'm sure we'll want an "RLS
exempt" right or mode sooner rather than later, so I'm against tying
this explicitly to superuser as such.

I wouldn't be surprised to see

SET ROW SECURITY ON|OFF

down the track, with a right controlling whether you can or not. Or at
least, a right that directly exempts a user from row security.

> Could we put the "if superuser then ok" test into the RLS condition test
> and thereby not need more than one plan at all?

Only if we put it in another level of security barrier subquery, because
otherwise the planner might execute the other quals (including possible
user defined functions) before the superuser test. Which was the whole
reason for the superuser test in the first place.

--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

In response to

Re: API change advice: Passing plan invalidation info from the rewriter into the planner? at 2014-06-10 18:19:41 from Tom Lane

Responses

Re: API change advice: Passing plan invalidation info from the rewriter into the planner? at 2014-06-10 23:24:11 from Tom Lane
Re: API change advice: Passing plan invalidation info from the rewriter into the planner? at 2014-06-11 14:26:46 from Robert Haas
Re: API change advice: Passing plan invalidation info from the rewriter into the planner? at 2014-06-11 15:40:09 from Stephen Frost

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2014-06-10 23:19:36	Re: [GENERAL] Question about partial functional indexes and the query planner
Previous Message	Vik Fearing	2014-06-10 22:21:58	Re: "RETURNING PRIMARY KEY" syntax extension