Home > mailing lists

Re: [v9.3] Row-Level Security - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [v9.3] Row-Level Security
Date	October 22, 2012 19:17:39
Msg-id	2993.1350922653@sss.pgh.pa.us Whole thread Raw
In response to	Re: [v9.3] Row-Level Security (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: [v9.3] Row-Level Security (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

Robert Haas <robertmhaas@gmail.com> writes:
> The documentation lists several documented limitations that I would
> like to analyze a little bit.  First, it says that row-level security
> policies are not applied on UPDATE or DELETE.  That sounds downright
> dangerous to me.  Is there some really compelling reason we're not
> doing it?

[ blink... ]  Isn't that a security hole big enough for a Mack truck?
UPDATE tab SET foo = foo RETURNING *;

sucks out all the data just fine, if RLS doesn't apply to it.

Having said that, I fear that sensible row-level security for updates is
at least one order of magnitude harder than sensible row-level security
for selects.  We've speculated about how to define that in the past,
IIRC, but without any very satisfactory outcome.
        regards, tom lane

pgsql-hackers by date:

From: Andres Freund
Date: 22 October 2012, 19:13:27
Subject: Re: [PATCH] Support for Array ELEMENT Foreign Keys

From: Andrew Dunstan
Date: 22 October 2012, 19:26:00
Subject: Re: [PATCH] Support for Array ELEMENT Foreign Keys

Re: [v9.3] Row-Level Security - Mailing list pgsql-hackers

Previous

Next