More obvious clarification is needed about how RLS interacts with views

From: PG Doc comments form <noreply(at)postgresql(dot)org>
To: pgsql-docs(at)lists(dot)postgresql(dot)org
Cc: alanfairless(at)gmail(dot)com
Subject: More obvious clarification is needed about how RLS interacts with views
Date: 2019-06-13 19:52:57
Message-ID: 156045557781.1350.3998342005368853619@wrigleys.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/11/sql-createpolicy.html
Description:

It's not clear enough from reading the documentation on RLS security policy
that schema designers need to pay special attention to views and their
ownership. (Views will bypass RLS security in the common case that they are
owned by a super user.) I have seen this misunderstanding lead to
unexpected data exposure.

This *is* clarified at the very bottom of the Notes section on the `create
policy` document, but I believe it justifies having a clear and prominent
call out. Thank you!

Browse pgsql-docs by date

  From Date Subject
Next Message Alvaro Herrera 2019-06-13 20:07:20 Re: ATTACH/DETACH partitions and locking
Previous Message Pavel Luzanov 2019-06-13 12:14:13 ATTACH/DETACH partitions and locking