On 12/13/06,
Tom Lane <
tgl@sss.pgh.pa.us> wrote:
"Gurjeet Singh" <singh.gurjeet@gmail.com> writes:
> Can we avoid calls to Executor{Start|End}() here, or is it necessary to
> call them even for non-ANALYZE case?
No; at least not unless you want to duplicate the permission-checking
machinery inside ExecutorStart.
I had seen the ExecCheckRTPerms() call inside InitPlan(), but didn't know that we considered even the EXPLAIN output to be so sensitive.
Otherwise EXPLAIN could be used to
obtain information about tables you're not supposed to be able to read
(for instance, the estimated number of rows matching a WHERE condition
could be sensitive information).
Also, you'd have to uglify explain.c quite a lot to be able to handle
the case of traversing a plan tree without a matching planstate tree.
Thanks.
--
gurjeet[.singh]@EnterpriseDB.com
singh.gurjeet@{ gmail | hotmail | yahoo }.com
