| From: | Jaime Casanova <jaime(at)2ndquadrant(dot)com> |
|---|---|
| To: | Robert Haas <rhaas(at)postgresql(dot)org> |
| Cc: | pgsql-committers(at)postgresql(dot)org |
| Subject: | Re: pgsql: Add a security_barrier option for views. |
| Date: | 2011-12-22 22:01:42 |
| Message-ID: | CAJKUy5jQ3-Bxn=WTK4jdiT4YiSuvVjH4nB_vjrQs=h8ktTk-Ew@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
On Thu, Dec 22, 2011 at 4:17 PM, Robert Haas <rhaas(at)postgresql(dot)org> wrote:
> Add a security_barrier option for views.
>
you have some docs typos here, for the rest: cool.
doc/src/sgml/ref/create_view.sgml
"""
+ This clause specifies optional parameters for a view; currently, the
+ only suppored parameter name is <literal>security_barrier</literal>,
"""
should say "supported parameter"
doc/src/sgml/rules.sgml
"""
+ the view. This prevents maliciously-chosen functions and operators from
+ being invoked on rows until afterthe view has done its work. For
"""
should say "until after the view"?
"""
+ in the limited sense that the contents of the invisible tuples will not
+ passed to possibly-insecure functions. The user may well have other means
"""
should say "will not be passed"?
--
Jaime Casanova www.2ndQuadrant.com
Professional PostgreSQL: Soporte 24x7 y capacitación
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2011-12-22 22:09:54 | Re: pgsql: Add a security_barrier option for views. |
| Previous Message | Alvaro Herrera | 2011-12-22 21:49:01 | Re: pgsql: Add a security_barrier option for views. |