On Wed, Jul 20, 2011 at 04:23:10PM +0200, Yeb Havinga wrote:
> On 2011-07-20 16:15, Yeb Havinga wrote:
>> On 2011-07-20 16:06, Noah Misch wrote:
>>>
>>> The SQL-level semantics of the view define the access rules in
>>> question. How
>>> would you translate that into tests to apply at a lower level?
>> I assumed the leaky view thread was about row level security, not
>> about access rules to views, since it was mentioned at the RLS wiki
>> page for se-pgsql. Sorry for the confusion.
> Had to digg a bit for the wiki, it was this one :
> http://wiki.postgresql.org/wiki/RLS#Issue:_A_leaky_VIEWs_for_RLS
It is about row-level security, broadly. These patches close the hazard
described in the latter half of this page:
http://www.postgresql.org/docs/9.0/static/rules-privileges.html
In the example given there, "phone NOT LIKE '412%'" is the (row-level) access
rule that needs to apply before any possibly-leaky function sees the tuple.
--
Noah Misch http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services