| From: | Florian Pflug <fgp(at)phlo(dot)org> |
|---|---|
| To: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, heikki(dot)linnakangas(at)enterprisedb(dot)com, robertmhaas(at)gmail(dot)com, sfrost(at)snowman(dot)net |
| Subject: | Re: [RFC] A tackle to the leaky VIEWs for RLS |
| Date: | 2010-06-01 11:49:34 |
| Message-ID: | 0B269075-4538-4428-ADC7-C7269B6780D1@phlo.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Jun 1, 2010, at 10:39 , KaiGai Kohei wrote:
> I have an idea that we add FuncExpr a new field (e.g nestlevel) to remember
> where is originally put in the query, and prevent reordering over the nest
> level of subqueries.
> In above example, f_malicious() has nestlevel=0 because it is put on the top
> level.
> But f_policy() has nestlevel=1 because it is originally put on the second
> level subquery. Then, the order_qual_clauses() will check nestlevel of the
> scan filter prior to reorder them based on the cost estimation.
> Even if we have multiple nestlevels, solution will be same. A FuncExpr with
> larger nestlevel shall be invoked earlier than others.
Wouldn't the information leak go away if you stuck "OFFSET 0" at the end of the view? IIRC, that is the semi-offical way to create barriers for subquery flattening and such.
best regards,
Florian Pflug
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Stark | 2010-06-01 13:09:11 | Re: [RFC] A tackle to the leaky VIEWs for RLS |
| Previous Message | Peter Eisentraut | 2010-06-01 11:27:37 | Re: Trigger function in a multi-threaded environment behavior |