Home > mailing lists

Re: [HACKERS] Row Level Security UPDATE Confusion - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: [HACKERS] Row Level Security UPDATE Confusion
Date	April 14, 2017 17:51:01
Msg-id	20170414115101.GX9812@tamriel.snowman.net Whole thread Raw
In response to	Re: [HACKERS] Row Level Security UPDATE Confusion (Rod Taylor <rod.taylor@gmail.com>)
List	pgsql-hackers

Tree view

Rod,

* Rod Taylor (rod.taylor@gmail.com) wrote:
> Then there is a bug in the simpler statement which happily lets you give
> away records.
>
> CREATE POLICY simple_all ON t TO simple USING (value > 0) WITH CHECK (true);
>
> SET session authorization simple;
> SELECT * FROM t;
> UPDATE t SET value = value * -1 WHERE value = 1;
> -- No error and value is -1 at the end.

Hm, that does seem like it's not matching up with the intent, likely
because it's an 'ALL' policy instead of individual policies.

Out of curiosity, is there a particular use-case here that you're
working towards, or just testing it out to see how it works?

Thanks!

Stephen

pgsql-hackers by date:

From: Rod Taylor
Date: 14 April 2017, 17:41:13
Subject: Re: [HACKERS] Row Level Security UPDATE Confusion

From: Petr Jelinek
Date: 14 April 2017, 18:14:13
Subject: Re: [HACKERS] Interval for launching the table sync worker

Re: [HACKERS] Row Level Security UPDATE Confusion - Mailing list pgsql-hackers

Previous

Next