Postgres Pro
Downloads
Home   >   mailing lists

Thread: A problem about LEAKPROOF of postgresql

A problem about LEAKPROOF of postgresql

From
"qiumingcheng"
Date:
Hello, expert, please ask a question about the source code of PostgreSQL (branch where the code is located: Master, file where the code is located: selfuncs. C). The code is as follows:
According to my understanding, in the optimizer stage, the code in the red box below can be removed, otherwise it may affect the selection of the execution plan path of the film and television image:
A user a creates a view and authorizes the view to his user B (user B only has view permissions, but does not have table permissions corresponding to the view). When querying the view under user a, 
you can see that the execution plan path will select the index path, but when user B implements the view, he will not select the index path. I know that it is a question about leakproof.

Please help to answer: in the optimizer stage,  if I remove the code in the red box below, what will be the problem。


Thank you very much.

Attachment

A problem about LEAKPROOF of postgresql

From
"David G. Johnston"
Date:
On Wednesday, September 7, 2022, qiumingcheng <qiumingcheng@aliyun.com> wrote:
Please help to answer: in the optimizer stage,  if I remove the code in the red box below, what will be the problem。


Please do not direct general inquiries to the bug reporting mailing list.  We have the -general mailing list for that.

Please consult the documentation for leakproof.


Removing said code will constitute a data leak vector as the subsequent debug message says.  The planner doesn’t get to apply other filters at this step so the data being fed to the function is assumed to contain data the user is not allowed to see and thus must not be leaked from the system.

David J.