Home > mailing lists

Re: copy.c handling for RLS is insecure - Mailing list pgsql-hackers

From	Andres Freund
Subject	Re: copy.c handling for RLS is insecure
Date	July 9, 2015 11:41:58
Msg-id	20150709084148.GU10242@alap3.anarazel.de Whole thread Raw
In response to	Re: copy.c handling for RLS is insecure (Noah Misch <noah@leadboat.com>)
Responses	Re: copy.c handling for RLS is insecure (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

On 2015-07-09 01:28:28 -0400, Noah Misch wrote:
> > - Keep the OID check, shouldn't hurt to have it
> 
> What benefit is left?

A bit of defense in depth. We execute user defined code in COPY
(e.g. BEFORE triggers). That user defined code could very well replace
the relation. Now I think right now that'd happen late enough, so the
second lookup already happened. But a bit more robust defense against
that sounds good to me.

pgsql-hackers by date:

From: Peter Geoghegan
Date: 09 July 2015, 11:10:31
Subject: Re: Further issues with jsonb semantics, documentation

From: David Rowley
Date: 09 July 2015, 12:44:19
Subject: Re: Sharing aggregate states between different aggregate functions

Re: copy.c handling for RLS is insecure - Mailing list pgsql-hackers

Previous

Next