| From: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
|---|---|
| To: | Daurnimator <quae(at)daurnimator(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-bugs(at)lists(dot)postgresql(dot)org, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: BUG #15708: RLS 'using' running as wrong user when called from a view |
| Date: | 2019-04-29 07:49:32 |
| Message-ID: | CAEZATCV_yDYoptaxtjiVB4yLwxQ=N7OWu8Ls98rA5MvBL+jKiQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
On Mon, 29 Apr 2019 at 04:56, Daurnimator <quae(at)daurnimator(dot)com> wrote:
>
> On Wed, 27 Mar 2019 at 23:46, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
> > On second thoughts, it actually needs to be in
> > get_row_security_policies(), after making copies of the quals from the
> > policies, otherwise it would be scribbling on the copies from the
> > relcache. Actually that makes the code change a bit simpler too.
>
> Thanks for writing the patch!
>
> I'm sad this missed the last commit fest; I think this bug might be
> causing security issues in a few deployments.
> Could you submit the patch for the next commit fest?
Actually I pushed the fix for this a while ago [1] (sorry I forgot to
reply back to this thread), so it will be available in the next set of
minor version updates later this week.
Regards,
Dean
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Flo Rance | 2019-04-29 07:59:36 | Re: Reg: Postgresql8.3 Using on Ubuntu |
| Previous Message | Jozef Mlich | 2019-04-29 07:42:58 | crash of postgresql 11.2-2PGDG.rhel7 in StartupXLOG () at xlog.c:6355 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Justin Pryzby | 2019-04-29 10:28:51 | Re: Cleanup/remove/update references to OID column |
| Previous Message | David Rowley | 2019-04-29 07:36:52 | Re: Speed up build on Windows by generating symbol definition in batch |