Only try to push down foreign joins if the user mapping OIDs match.
Previously, the foreign join pushdown infrastructure left the question
of security entirely up to individual FDWs, but it would be easy for
a foreign data wrapper to inadvertently open up subtle security holes
that way. So, make it the core code's job to determine which user
mapping OID is relevant, and don't attempt join pushdown unless it's
the same for all relevant relations.
Per a suggestion from Tom Lane. Shigeru Hanada and Ashutosh Bapat,
reviewed by Etsuro Fujita and KaiGai Kohei, with some further
changes by me.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/fbe5a3fb73102c2cfec11aaaa4a67943f4474383
Modified Files
--------------
src/backend/executor/execParallel.c | 1 +
src/backend/foreign/foreign.c | 74 +++++++++++++++++++++++++--------
src/backend/nodes/copyfuncs.c | 1 +
src/backend/nodes/outfuncs.c | 2 +
src/backend/nodes/readfuncs.c | 1 +
src/backend/optimizer/plan/createplan.c | 9 ++++
src/backend/optimizer/plan/planner.c | 2 +
src/backend/optimizer/util/relnode.c | 36 +++++++++++++++-
src/backend/utils/cache/plancache.c | 68 +++++++++++++++++++++++++++++-
src/include/foreign/foreign.h | 1 +
src/include/nodes/plannodes.h | 1 +
src/include/nodes/relation.h | 2 +
src/include/utils/plancache.h | 1 +
13 files changed, 179 insertions(+), 20 deletions(-)