From: | Noah Misch <noah(at)leadboat(dot)com> |
---|---|
To: | Joe Conway <mail(at)joeconway(dot)com>, Adam Brightwell <adam(dot)brightwell(at)crunchydatasolutions(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: row_security GUC, BYPASSRLS |
Date: | 2015-09-21 05:33:14 |
Message-ID: | 20150921053314.GA3788668@tornado.leadboat.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Fri, Sep 18, 2015 at 09:27:13AM -0500, Joe Conway wrote:
> On 09/18/2015 09:25 AM, Adam Brightwell wrote:
> >>> 1. remove row_security=force
> >>> 2. remove SECURITY_ROW_LEVEL_DISABLED; make ri_triggers.c subject to policies
> >>> 3. add DDL-controlled, per-table policy forcing
> >>>
> >>> They ought to land in that order. PostgreSQL 9.5 would need at least (1) and
> >>> (2); would RLS experts find it beneficial for me to take care of those?
Done.
> >> That would be awesome, but I would say that if we do #1 & 2 for 9.5, we
> >> also need #3.
Understood.
> > Agreed. Please let me know if there is anything I can do to help.
>
> Yes, same here.
Thanks. https://wiki.postgresql.org/wiki/PostgreSQL_9.5_Open_Items is the big
board of things needing work. These items are long-idle:
- 84 days: UPSERT on partition
- 81 days: Refactoring speculative insertion with unique indexes a little
- 49 days: Arguable RLS security bug, EvalPlanQual() paranoia
If you grab one or more of those and figure out what it/they need to get
moving again, that would help move us toward 9.5 final. (Don't feel the need
to limit yourself to those three, but they are the low-hanging fruit.)
From | Date | Subject | |
---|---|---|---|
Next Message | Noah Misch | 2015-09-21 05:45:10 | Re: row_security GUC, BYPASSRLS |
Previous Message | Corey Huinker | 2015-09-21 04:52:09 | Re: [POC] FETCH limited by bytes. |