Re: [v9.4] row level security
| От | Tom Lane |
|---|---|
| Тема | Re: [v9.4] row level security |
| Дата | |
| Msg-id | 1543.1378306249@sss.pgh.pa.us обсуждение |
| Ответ на | Re: [v9.4] row level security (Robert Haas <robertmhaas@gmail.com>) |
| Ответы |
Re: [v9.4] row level security
Re: [v9.4] row level security |
| Список | pgsql-hackers |
Robert Haas <robertmhaas@gmail.com> writes:
> On Wed, Sep 4, 2013 at 10:45 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Well, the security-barrier view stuff did not present itself as a 100%
>> solution. But perhaps more to the point, it was conceptually simple to
>> implement, ie don't flatten views if they have this bit set, and don't
>> push down quals into such sub-selects unless they're marked leakproof.
> Right. IMHO, this new feature should be similarly simple: when an
> unprivileged user references a table, treat that as a reference to a
> leakproof view over the table, with the RLS qual injected into the
> view.
And for insert/update/delete, we do what exactly?
regards, tom lane
В списке pgsql-hackers по дате отправления: