Home > mailing lists

Re: Broken lock management in policy.c. - Mailing list pgsql-hackers

From	Peter Geoghegan
Subject	Re: Broken lock management in policy.c.
Date	January 4, 2016 06:44:58
Msg-id	CAM3SWZQm-a3WamEM_FZYVcu-QpLJe9v2PvKsfxPNM7=qJt4oww@mail.gmail.com Whole thread Raw
In response to	Re: Broken lock management in policy.c. (Peter Geoghegan <pg@heroku.com>)
Responses	Re: Broken lock management in policy.c. (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Sun, Jan 3, 2016 at 7:01 PM, Peter Geoghegan <pg@heroku.com> wrote:
> I would also advise only referencing a single relation within the
> SELECT FOR UPDATE.

To state what may be obvious: We should recommend that SELECT FOR
SHARE appear in the CREATE POLICY USING qual as part of this
workaround (not SELECT FOR UPDATE), because there is no need for
anything stronger than that. We only need to prevent the admin
updating a referenced-in-using-qual tuple in a way that allows a
malicious user to exploit an inconsistency in tuple visibility during
EPQ rechec. (Using SELECT FOR KEY SHARE would not reliably workaround
the underlying issue, though.)

-- 
Peter Geoghegan

pgsql-hackers by date:

From: Tom Lane
Date: 04 January 2016, 06:43:32
Subject: Re: 9.5 BLOCKER: regrole and regnamespace and quotes

From: Tom Lane
Date: 04 January 2016, 06:47:12
Subject: Re: 9.5 BLOCKER: regrole and regnamespace and quotes

Re: Broken lock management in policy.c. - Mailing list pgsql-hackers

Previous

Next