Postgres Pro
Downloads
Home   >   mailing lists

Re: API change advice: Passing plan invalidation info from the rewriter into the planner? - Mailing list pgsql-hackers

From Craig Ringer
Subject Re: API change advice: Passing plan invalidation info from the rewriter into the planner?
Date
Msg-id 53979417.4030808@2ndquadrant.com
Whole thread Raw
In response to Re: API change advice: Passing plan invalidation info from the rewriter into the planner?  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: API change advice: Passing plan invalidation info from the rewriter into the planner?  (Tom Lane <tgl@sss.pgh.pa.us>)
Re: API change advice: Passing plan invalidation info from the rewriter into the planner?  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
Tree view 
On 06/11/2014 07:24 AM, Tom Lane wrote:
> Is the point of that that the table owner might have put trojan-horse
> functions into the RLS qual?  If so, why are we only concerned about
> defending the superuser and not other users?  Seems like the right fix
> would be to insist that functions in the RLS qual run as the table owner.
> Granted, that might be painful to do.  But it still seems like "we only
> need to do this for superusers" is designing with blinkers on.

I agree, and now that the urgency of trying to deliver this for 9.4 is
over it's worth seeing if we can just run as table owner.

Failing that, we could take the approach a certain other RDBMS does and
make the ability to define row security quals a GRANTable right
initially held only by the superuser.

-- Craig Ringer                   http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: API change advice: Passing plan invalidation info from the rewriter into the planner?
Next
From: Tom Lane
Date:
Subject: Re: API change advice: Passing plan invalidation info from the rewriter into the planner?