From: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Noah Misch <noah(at)leadboat(dot)com>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Kohei(dot)Kaigai(at)emea(dot)nec(dot)com, thom(at)linux(dot)com, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [v9.2] Fix Leaky View Problem |
Date: | 2011-11-03 10:20:01 |
Message-ID: | CADyhKSUHs50oScwxdSXO-Zr3N5607_Kh2FEr=912QFdJtL1fsg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
2011/11/2 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
> Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> writes:
>> The reason why I redefined the relid of RangeTblEntry is to avoid
>> the problem when security_barrier attribute get changed by concurrent
>> transactions between rewriter and planenr stage.
>
> This is complete nonsense. If the information is being injected into
> the querytree by the rewriter, it's sufficient to assume that it's up to
> date. Were it not so, we'd have problems with CREATE OR REPLACE RULE,
> too.
>
I revised the patches to revert redefinition in relid of RangeTblEntry, and
add a flag of "security_barrier".
I seems to work fine, even if view's property was changed between
rewriter and planner stage.
postgres=# CREATE VIEW v1 WITH (security_barrier) AS SELECT * FROM t1
WHERE a % 2 = 0;
CREATE VIEW
postgres=# PREPARE p1 AS SELECT * FROM v1 WHERE f_leak(b);
PREPARE
postgres=# EXECUTE p1;
NOTICE: f_leak => bbb
NOTICE: f_leak => ddd
a | b
---+-----
2 | bbb
4 | ddd
(2 rows)
postgres=# ALTER VIEW v1 SET (security_barrier=false);
ALTER VIEW
postgres=# EXECUTE p1;
NOTICE: f_leak => aaa
NOTICE: f_leak => bbb
NOTICE: f_leak => ccc
NOTICE: f_leak => ddd
NOTICE: f_leak => eee
a | b
---+-----
2 | bbb
4 | ddd
(2 rows)
postgres=# ALTER VIEW v1 SET (security_barrier=true);
ALTER VIEW
postgres=# EXECUTE p1;
NOTICE: f_leak => bbb
NOTICE: f_leak => ddd
a | b
---+-----
2 | bbb
4 | ddd
(2 rows)
Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
Attachment | Content-Type | Size |
---|---|---|
pgsql-v9.2-fix-leaky-view.part-1.v6.patch | application/octet-stream | 44.5 KB |
pgsql-v9.2-fix-leaky-view.part-2.v6.patch.gz | application/x-gzip | 73.0 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2011-11-03 10:20:24 | Re: pg_upgrade if 'postgres' database is dropped |
Previous Message | Simon Riggs | 2011-11-03 08:55:11 | Re: Re: [COMMITTERS] pgsql: Reduce checkpoints and WAL traffic on low activity database serv |