Home > mailing lists

Re: leaky views, yet again - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: leaky views, yet again
Date	October 5, 2010 18:48:24
Msg-id	28710.1286304488@sss.pgh.pa.us Whole thread Raw
In response to	Re: leaky views, yet again (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>)
Responses	Re: leaky views, yet again Re: leaky views, yet again
List	pgsql-hackers

Tree view

Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> writes:
> On 05.10.2010 21:08, Greg Stark wrote:
>> If the users that have select access on the view don't have DDL access
>> doesn't that make them leak-proof for those users?

> No. You can use built-in functions for leaking data as well.

There's a difference between "can be used to extract data wholesale"
and "can be used to probe for the existence of a specific value".
We might need to start using more specific terminology than "leak".
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 05 October 2010, 18:46:17
Subject: Re: leaky views, yet again

From: Robert Haas
Date: 05 October 2010, 18:49:54
Subject: Re: leaky views, yet again

Re: leaky views, yet again - Mailing list pgsql-hackers

Previous

Next