Re: [PATCH] Fix leaky VIEWs for RLS
| От | Stephen Frost |
|---|---|
| Тема | Re: [PATCH] Fix leaky VIEWs for RLS |
| Дата | |
| Msg-id | 20100608021952.GK21875@tamriel.snowman.net обсуждение |
| Ответ на | Re: [PATCH] Fix leaky VIEWs for RLS (Robert Haas <robertmhaas@gmail.com>) |
| Список | pgsql-hackers |
* Robert Haas (robertmhaas@gmail.com) wrote:
> 2010/6/7 KaiGai Kohei <kaigai@ak.jp.nec.com>:
> > Our headache is on functions categorized to middle-threat. It enables to
> > leak the given arguments using error messages. Here are several ideas,
> > but they have good and bad points.
>
> I think we are altogether off in the weeds here. We ought to start
> with an implementation that pushes nothing down, and then try to
> figure out how much we can relax that without too much compromising
> security.
I agree with this- and it's more-or-less what I was trying to propose in
my previous comments. I'm not even sure we need to focus on not pushing
anything down at this point- I'd start with trying to get enough
information passed around/through the system to even *identify* the case
where there's a problem in the first place..
Thanks,
Stephen
В списке pgsql-hackers по дате отправления: