From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
Cc: | sfrost(at)snowman(dot)net, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Markus Wanner <markus(at)bluegap(dot)ch>, Alex Hunsaker <badalex(at)gmail(dot)com>, PostgreSQL-development Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: New patch for Column-level privileges |
Date: | 2009-01-13 04:16:28 |
Message-ID: | 17692.1231820188@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> writes:
> I reconsidered the previous walker implementation independent
> from other parser codes is more simple and better.
And slower, and equally subject to this bug, so I'm not convinced.
> Stephen, Tom, what is your opinion?
I'm thinking make_var is not the place to do this. The places that are
supposed to be taking care of permissions are the ones that do this:
/* Require read access --- see comments in setTargetTable() */
rte->requiredPerms |= ACL_SELECT;
It's possible that we've missed some --- in particular, right at the
moment I am not sure that whole-row Vars are handled properly.
And maybe we could refactor a little bit to save some code.
But those are basically the same places that ought to be adding
bits to the column bitmaps.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Koichi Suzuki | 2009-01-13 04:21:21 | Re: Documenting pglesslog |
Previous Message | Robert Haas | 2009-01-13 04:14:01 | Re: Recovery Test Framework |