Home > mailing lists

Re: RLS Design - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: RLS Design
Date	July 2, 2014 19:02:33
Msg-id	20140702154934.GJ16422@tamriel.snowman.net Whole thread Raw
In response to	Re: RLS Design (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

* Robert Haas (robertmhaas@gmail.com) wrote:
> On Wed, Jul 2, 2014 at 11:42 AM, Stephen Frost <sfrost@snowman.net> wrote:
> >> > What if policies exist and they decide to
> >> > 'turn off' RLS for the table- suddenly everyone can see all the rows?
> >>
> >> That'd be my vote.  Sorta like disabling triggers.
> >
> > Hmm.  Ok- how would you feel about at least spitting out a WARNING if
> > there are still policies on the table in that case..?  Just makes me a
> > bit nervous to have a case where policies can be defined on a table but
> > are not actually being enforced..
>
> Sounds like nanny-ism to me.

Alright, fair enough.  Clearly, the individual changing the RLS on the
table will have to have appropriate rights to do so.
Thanks,
    Stephen

pgsql-hackers by date:

From: Palle Girgensohn
Date: 02 July 2014, 19:00:45
Subject: Re: Keepalive-related socket options under FreeBSD 9, 10

From: Tom Lane
Date: 02 July 2014, 19:04:09
Subject: Re: Re: Patch to send transaction commit/rollback stats to the stats collector unconditionally.

Re: RLS Design - Mailing list pgsql-hackers

Previous

Next