Re: Feature Recommendations for Logical Subscriptions

Поиск
Список
Период
Сортировка
От Peter Smith
Тема Re: Feature Recommendations for Logical Subscriptions
Дата
Msg-id CAHut+Ps-fWX+L=oGidXFxpBf532Zk18Ju9wvZqpbdi=5pp9BBg@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Feature Recommendations for Logical Subscriptions  ("YeXiu" <1518981153@qq.com>)
Ответы Re: Feature Recommendations for Logical Subscriptions
Список pgsql-hackers
Hi,

FYI, the Column List documentation [1] says
------
However, do not rely on this feature for security: a malicious
subscriber is able to obtain data from columns that are not
specifically published. If security is a consideration, protections
can be applied at the publisher side.
------

IIRC, this was something to do with how the COPY done by the initial
table sync might be manipulated by a malicious subscriber. I think you
can find more details about this in the original thread when Column
Lists were introduced. e.g. try searching this [2] thread for the word
"security".

======
[1] https://www.postgresql.org/docs/current/logical-replication-col-lists.html
[2] https://www.postgresql.org/message-id/flat/CAH2L28vddB_NFdRVpuyRBJEBWjz4BSyTB%3D_ektNRH8NJ1jf95g%40mail.gmail.com

Kind Regards,
Peter Smith.
Fujitsu Australia



В списке pgsql-hackers по дате отправления: