From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Noah Misch <noah(at)leadboat(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, Joe Conway <mail(at)joeconway(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: RLS open items are vague and unactionable |
Date: | 2015-11-23 21:36:52 |
Message-ID: | 20151123213652.GJ3685@tamriel.snowman.net |
Lists: | pgsql-hackers |
Noah,
* Noah Misch (noah(at)leadboat(dot)com) wrote:
> On Mon, Sep 28, 2015 at 03:03:51PM -0400, Stephen Frost wrote:
> > If SELECT rights are required then apply the SELECT policies, even if
> > the actual command is an UPDATE or DELETE. This covers the RETURNING
> > case which was discussed previously, so we don't need the explicit check
> > for that, and further addresses the concern raised by Zhaomo about
> > someone abusing the WHERE clause in an UPDATE or DELETE.
> >
> > Further, if UPDATE rights are required then apply the UPDATE policies,
> > even if the actual command is a SELECT. This addresses the concern that
> > a user might be able to lock rows they're not actually allowed to UPDATE
> > through the UPDATE policies.
> >
> > Comments welcome, of course. Barring concerns, I'll get this pushed
> > tomorrow.
>
> The CREATE POLICY reference page continues to describe the behavior this patch
> replaced, not today's behavior.
Just to be clear, I'm not ignoring this, I've been working to try and
rework the RLS documentation to add more information to the main RLS
section and to better segregate the general RLS documentation out
from what should really be on the CREATE POLICY page.

This update will be incorporated into that and I'll be posting the whole
thing to -docs soon for comment.
Thanks!
Stephen
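
The policy behaviour described in the quoted text above, as an added example that is not part of the original message or of the PostgreSQL patch. The table, role, and policy names are constructed for illustration, and it assumes a PostgreSQL release (9.5 or later) that includes the change being discussed.

```sql
-- Constructed schema: one row for each combination the quoted text cares about.
CREATE ROLE alice;
CREATE TABLE tickets (
    id    int PRIMARY KEY,
    owner text NOT NULL,
    dept  text NOT NULL,
    note  text
);
INSERT INTO tickets VALUES
    (1, 'alice', 'sales', NULL),  -- passes both policies for alice
    (2, 'bob',   'sales', NULL),  -- passes the SELECT policy only
    (3, 'alice', 'hr',    NULL);  -- passes the UPDATE policy only

ALTER TABLE tickets ENABLE ROW LEVEL SECURITY;
GRANT SELECT, UPDATE ON tickets TO alice;

-- Read access is by department, write access is by ownership.
CREATE POLICY tickets_read  ON tickets FOR SELECT USING (dept = 'sales');
CREATE POLICY tickets_write ON tickets FOR UPDATE USING (owner = current_user);

-- The table owner bypasses RLS by default, so test as the restricted role.
SET ROLE alice;

-- Plain SELECT: only the SELECT policy applies (rows 1 and 2 qualify).
SELECT id FROM tickets ORDER BY id;

-- Row locking needs UPDATE rights, so the UPDATE policy is applied too.
-- Row 2 is readable but cannot be locked by alice.
SELECT id FROM tickets ORDER BY id FOR UPDATE;

-- WHERE and RETURNING need SELECT rights, so the SELECT policy is applied
-- to the UPDATE. Row 3 passes the UPDATE policy but stays invisible, so the
-- WHERE clause cannot be used to probe it and RETURNING cannot leak it.
UPDATE tickets SET note = 'probed' WHERE dept = 'hr' RETURNING id, dept;

-- An UPDATE that reads no columns needs no SELECT rights, so only the
-- UPDATE policy filters it (rows 1 and 3 qualify).
UPDATE tickets SET note = 'touched';

RESET ROLE;
```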