Home > mailing lists

Re: row_security GUC, BYPASSRLS - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: row_security GUC, BYPASSRLS
Date	September 15, 2015 20:53:17
Msg-id	11756.1442339584@sss.pgh.pa.us Whole thread Raw
In response to	Re: row_security GUC, BYPASSRLS (Joe Conway <mail@joeconway.com>)
Responses	Re: row_security GUC, BYPASSRLS (Joe Conway <mail@joeconway.com>)
List	pgsql-hackers

Tree view

Joe Conway <mail@joeconway.com> writes:
> On 09/15/2015 10:58 AM, Robert Haas wrote:
>> I can't argue with that, I suppose, but I think row_security=force is
>> a pretty useful convenience.  If we must remove it, so be it, but I'd
>> be a little sad.

> There are use cases where row_security=force will be set in production
> environments, not only in testing.

What cases, exactly, and is there another way to solve those problems?
I concur with Noah's feeling that allowing security behavior to depend on
a GUC is risky.
        regards, tom lane

pgsql-hackers by date:

From: Fabien COELHO
Date: 15 September 2015, 20:30:42
Subject: Re: extend pgbench expressions with functions

From: Joe Conway
Date: 15 September 2015, 21:26:35
Subject: Re: row_security GUC, BYPASSRLS

Re: row_security GUC, BYPASSRLS - Mailing list pgsql-hackers

Previous

Next