Re: Row level security implementation in Foreign Table in Postgres

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Sounak Chakraborty <sounakr(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Row level security implementation in Foreign Table in Postgres
Date: 2016-11-03 23:16:18
Message-ID: 2518.1478214978@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Wed, Nov 2, 2016 at 10:46 PM, Sounak Chakraborty <sounakr(at)gmail(dot)com> wrote:
>> But my doubt is why this feature is not enabled in case of Foreign Table. (ALTER FOREIGN TABLE doesn't have a option of enabling Row Level Security).
>> Is this is not implemented due to some limitations in the current design?
>> Because from a quick view it looks like the security subquery can also be easily attached to the main query and passed for processing in foreign database.

> Yeah, I don't see why that couldn't be made to work.

Once the patch at <30304(dot)1478211798(at)sss(dot)pgh(dot)pa(dot)us> gets in, the major
issue will be that FDWs will have to be careful not to select quals for
optimization (ie pushing down to a remote server) unless they satisfy
restriction_is_securely_promotable(). In most cases that should be
about a one-line change in the FDW, but I'm not sure that it'd be a good
idea to just blindly assume that FDWs are doing that. We could perhaps
add some sort of "supports RLS" flag to the FDW API, which would not
get set unless the FDW author takes positive action to do so.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Michael Paquier 2016-11-03 23:17:53 Re: add more NLS to bin
Previous Message Tom Lane 2016-11-03 22:23:18 Re: Improving RLS planning