| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Etsuro Fujita <fujita(dot)etsuro(at)lab(dot)ntt(dot)co(dot)jp> |
| Cc: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org >> PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Odd behavior of updatable security barrier views on foreign tables |
| Date: | 2015-02-17 22:44:51 |
| Message-ID: | 20150217224451.GE6717@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Etsuro,
* Etsuro Fujita (fujita(dot)etsuro(at)lab(dot)ntt(dot)co(dot)jp) wrote:
> On 2015/02/11 4:06, Stephen Frost wrote:
> >I had been trying to work out an FDW-specific way to address this, but I
> >think Dean's right that this should be addressed in
> >expand_security_qual(), which means it'll apply to all cases and not
> >just these FDW calls. I don't think that's actually an issue though and
> >it'll match up to how SELECT FOR UPDATE is handled today.
>
> Sorry, my explanation was not accurate, but I also agree with Dean's
> idea. In the above, I just wanted to make it clear that such a lock
> request done by expand_security_qual() should be limited to the case
> where the relation that is a former result relation is a foreign
> table.
Attached is a patch which should address this. Would love your (or
anyone else's) feedback on it. It appears to address the issue which
you raised and the regression test changes are all in-line with
inserting a LockRows into the subquery, as anticipated.
Thanks!
Stephen
| Attachment | Content-Type | Size |
|---|---|---|
| fix-sbv-locking-9.4.patch | text/x-diff | 21.8 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2015-02-17 22:53:06 | Re: sloppy back-patching of column-privilege leak |
| Previous Message | Oskari Saarenmaa | 2015-02-17 22:39:27 | Re: Configurable location for extension .control files |