pgsql: Remove the SECURITY_ROW_LEVEL_DISABLED security context bit.

Поиск
Список
Период
Сортировка
От Noah Misch
Тема pgsql: Remove the SECURITY_ROW_LEVEL_DISABLED security context bit.
Дата
Msg-id E1ZdpTK-0008F5-DS@gemulon.postgresql.org
обсуждение исходный текст
Список pgsql-committers
Дерево обсуждения 
Remove the SECURITY_ROW_LEVEL_DISABLED security context bit.

This commit's parent made superfluous the bit's sole usage.  Referential
integrity checks have long run as the subject table's owner, and that
now implies RLS bypass.  Safe use of the bit was tricky, requiring
strict control over the SQL expressions evaluating therein.  Back-patch
to 9.5, where the bit was introduced.

Based on a patch by Stephen Frost.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/7f11724bd61b420acb2839908d51674e86e52034

Modified Files
--------------
src/backend/utils/adt/ri_triggers.c |   17 +----------------
src/backend/utils/cache/plancache.c |   12 ++----------
src/backend/utils/init/miscinit.c   |   14 +-------------
src/backend/utils/misc/rls.c        |    7 -------
src/include/miscadmin.h             |    2 --
src/include/utils/plancache.h       |    1 -
6 files changed, 4 insertions(+), 49 deletions(-)

В списке pgsql-committers по дате отправления:

Предыдущее
От: Noah Misch
Дата:
Сообщение: pgsql: Remove the row_security=force GUC value.
Следующее
От: Noah Misch
Дата:
Сообщение: pgsql: Restrict file mode creation mask during tmpfile().