Home > mailing lists

Re: [PATCH] Fix leaky VIEWs for RLS - Mailing list pgsql-hackers

From	KaiGai Kohei
Subject	Re: [PATCH] Fix leaky VIEWs for RLS
Date	June 8, 2010 01:10:41
Msg-id	4C0D9861.9050201@ak.jp.nec.com Whole thread Raw
In response to	Re: [PATCH] Fix leaky VIEWs for RLS (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [PATCH] Fix leaky VIEWs for RLS (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

(2010/06/08 9:46), Tom Lane wrote:
> KaiGai Kohei<kaigai@ak.jp.nec.com>  writes:
>> In this case, is it unnecessary to expose the given argument in
>> the error message (from security perspective), isn't it?
> 
> Yes, if all you care about is security and not usability, that looks
> like a great solution.  We're *not* doing it.
> 
Sorry, are you saying we should not revise error messages because
of usability??

If so, and if we decide the middle-threat also should be fixed,
it is necessary to distinguish functions trusted and untrusted,
even if a function is built-in.
Perhaps, pg_proc takes a new flag to represent it.

Thanks,
-- 
KaiGai Kohei <kaigai@ak.jp.nec.com>

pgsql-hackers by date:

From: Greg Stark
Date: 08 June 2010, 01:03:18
Subject: Re: [PATCH] Fix leaky VIEWs for RLS

From: Stephen Frost
Date: 08 June 2010, 01:17:42
Subject: Re: [PATCH] Fix leaky VIEWs for RLS

Re: [PATCH] Fix leaky VIEWs for RLS - Mailing list pgsql-hackers

Previous

Next