Greg Smith wrote:
> Where I suspect this is all is going to settle down into is that if 1)
> the SE GUC is on and 2) one of the tables in a join has rows filtered,
> then you can expect that a) it's possible that the result will leak
> information, which certainly need to be documented,
As far as I can tell this is the case however you hide the information.
If you implemented it with views you'll have the same issue. If you hide
the existence of project p_id="TOPSECRET01" and people can run inserts
then they can spot it. Likewise, it you have fkey references to the row
then deletions can be used to spot it.
-- Richard Huxton Archonet Ltd
