| From: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Adam Brightwell <adam(dot)brightwell(at)crunchydatasolutions(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Yeb Havinga <yeb(dot)havinga(at)portavita(dot)nl> |
| Subject: | Re: API change advice: Passing plan invalidation info from the rewriter into the planner? |
| Date: | 2014-06-25 01:31:36 |
| Message-ID: | 53AA2678.9010105@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 06/24/2014 10:30 PM, Alvaro Herrera wrote:
> I haven't been following this thread, but this bit caught my attention.
> I'm not sure I agree that OR is always the right policy either.
> There is a case for a policy that says "forbid these rows to these guys,
> even if they have read permissions from elsewhere".
That's generally considered a "DENY" policy, a concept borrowed from ACLs.
You have access to a resource if:
- You have at least one policy that gives you access AND
- You have no policies that deny you access
> If OR is the only
> way to mix multiple policies there might not be a way to implement this.
I think that's a "later" myself, but we shouldn't design ourselves into
a corner where we can't support deny rules either.
--
Craig Ringer http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-06-25 01:33:48 | Re: API change advice: Passing plan invalidation info from the rewriter into the planner? |
| Previous Message | Stephen Frost | 2014-06-25 00:49:00 | RLS Design |