Re: WITH CHECK and Column-Level Privileges

On 09/26/2014 05:20 PM, Stephen Frost wrote:
> All,
>
> Through continued testing, we've discovered an issue in the
> WITH CHECK OPTION code when it comes to column-level privileges
> which impacts 9.4.
>
> It's pretty straight-forward, thankfully, but:
>
> postgres=# create view myview
> postgres-# with (security_barrier = true,
> postgres-# check_option = 'local')
> postgres-# as select * from passwd where username = current_user;
> CREATE VIEW
> postgres=# grant select (username) on myview to public;
> GRANT
> postgres=# grant update on myview to public;
> GRANT
> postgres=# set role alice;
> SET
> postgres=> update myview set username = 'joe';
> ERROR: new row violates WITH CHECK OPTION for "myview"
> DETAIL: Failing row contains (joe, abc).
>
> Note that the entire failing tuple is returned, including the
> 'password' column, even though the 'alice' user does not have select
> rights on that column.

Is there similar problems with unique or exclusion constraints?

> The detail information is useful for debugging, but I believe we have
> to remove it from the error message.
>
> Barring objections, and in the hopes of getting the next beta out the
> door soon, I'll move forward with this change and back-patch it to
> 9.4 after a few hours

What exactly are you going to commit? Did you forget to attach a patch?

> (or I can do it tomorrow if there is contention;
> I don't know what, if any, specific plans there are for the next beta,
> just that it's hopefully 'soon').

Probably would be wise to wait 'till tomorrow; there's no need to rush this.

- Heikki