Home > mailing lists

pgsql: Switch user ID to the object owner when populating a materialize - Mailing list pgsql-committers

From	Noah Misch
Subject	pgsql: Switch user ID to the object owner when populating a materialize
Date	July 13, 2013 01:30:07
Msg-id	E1Uxlqj-0007rE-S7@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Switch user ID to the object owner when populating a materialized view.

This makes superuser-issued REFRESH MATERIALIZED VIEW safe regardless of
the object's provenance.  REINDEX is an earlier example of this pattern.
As a downside, functions called from materialized views must tolerate
running in a security-restricted operation.  CREATE MATERIALIZED VIEW
need not change user ID.  Nonetheless, avoid creation of materialized
views that will invariably fail REFRESH by making it, too, start a
security-restricted operation.

Back-patch to 9.3 so materialized views have this from the beginning.

Reviewed by Kevin Grittner.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/f3ab5d46960023cf8a9df3751ab9748ce01a46a0

Modified Files
--------------
doc/src/sgml/ref/create_materialized_view.sgml |    4 +++-
src/backend/commands/createas.c                |   30 ++++++++++++++++++++++++
src/backend/commands/matview.c                 |   19 +++++++++++++++
3 files changed, 52 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Michael Meskes
Date: 12 July 2013, 16:05:33
Subject: pgsql: Fixed incorrect description of EXEC SQL VAR command.

From: Noah Misch
Date: 13 July 2013, 01:30:08
Subject: pgsql: Switch user ID to the object owner when populating a materialize

pgsql: Switch user ID to the object owner when populating a materialize - Mailing list pgsql-committers

Previous

Next