PATCH: Add query for operators unusable with RLS to documentation - Mailing list pgsql-hackers

From Josh Snyder
Subject PATCH: Add query for operators unusable with RLS to documentation
Date
Msg-id 5af3bf0c-5e0c-4128-81dc-084c5258b1af@code406.com
Whole thread Raw
Responses Re: PATCH: Add query for operators unusable with RLS to documentation
List pgsql-hackers
When deploying RLS, I was surprised to find that certain queries which used 
only builtin indexes and operators had dramatically different query plans when 
a policy is applied. In my case, the query `tsvector @@ tsquery` over a GIN
index was no longer able to use that index. I was able to find one other
instance [1] of someone being surprised by this behavior on the mailing lists.

The docs already discuss the LEAKPROOF semantics in the abstract, but I think 
they place not enough focus on the idea that builtin operators can be (and
frequently are) not leakproof. Based on the query given in the attached patch,
I found that 387 operators are not leakproof versus 588 that are.

The attached patch updates the documentation to provide an easy query over
system catalogs as a way of determining which operators will no longer perform
well under RLS or a security-barrier view.

Thanks,
Josh

[1]
https://www.postgresql.org/message-id/CAGrP7a2t%2BJbeuxpQY%2BRSvNe4fr3%2B%3D%3DUmyimwV0GCD%2BwcrSSb%3Dw%40mail.gmail.com
Attachment

pgsql-hackers by date:

Previous
From: Thomas Munro
Date:
Subject: Re: Streaming read-ready sequential scan code
Next
From: Ranier Vilela
Date:
Subject: Re: Sort functions with specialized comparators