Home > mailing lists

Re: [v9.4] row level security - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [v9.4] row level security
Date	August 29, 2013 20:28:51
Msg-id	9787.1377797318@sss.pgh.pa.us Whole thread Raw
In response to	Re: [v9.4] row level security (Josh Berkus <josh@agliodbs.com>)
Responses	Re: [v9.4] row level security (Kohei KaiGai <kaigai@kaigai.gr.jp>)
List	pgsql-hackers

Tree view

Josh Berkus <josh@agliodbs.com> writes:
>> That would close only one covert channel.  Others were already pointed out
>> upthread, and I'll bet there are more ...

> Mind you, fundamentally this is no different from allowing INSERT
> permission on a table but denying SELECT, or denying SELECT on certain
> columns.  In either case, covert channels for some data are available.

Certainly.  But INSERT's purpose in life is not to prevent people from
inferring what data is in the table.  What we have to ask here is whether
a "row level security" feature that doesn't deal with these real-world
attack techniques is worth having.
        regards, tom lane

pgsql-hackers by date:

From: David Fetter
Date: 29 August 2013, 20:27:46
Subject: Re: [v9.4] row level security

From: Stephen Frost
Date: 29 August 2013, 20:40:32
Subject: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])

Re: [v9.4] row level security - Mailing list pgsql-hackers

Previous

Next