Re: column level privileges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, "Patches (PostgreSQL)" <pgsql-patches(at)postgresql(dot)org>
Subject: Re: column level privileges
Date: 2008-05-07 00:57:48
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers pgsql-patches

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
>> I'm not sure where we go from here. Your GSOC student has disappeared,
>> right? Is anyone else willing to take up the patch and work on it?

> I'm willing to take it up and work on it.

Excellent! As you say, you've seen that code before, so it should
go more quickly for you than most people.

>> One possible solution is to add a flag field
>> to TargetEntry to carry the information forward.

> I'll look into this, I liked the bitmap idea, personally.

Yeah, I do too. What I am thinking now is that we need two bitmaps
per RTE: one showing the columns explicitly referenced (hence needing
SELECT permission) and one showing the columns assigned to (hence
needing INSERT or UPDATE as appropriate --- we will never have both
cases in one Query, so we don't need two bitmaps). It would be
fairly easy to build these in the parser, and to check them in
the executor ... the fun part would be keeping them up-to-date
while the rewriter and planner mash the query around ...

>> One other mistake I noted was that the version checks added in pg_dump
>> and psql are ">= 80300", which of course is obsolete now.

> That one's pretty easy to handle. :)

Yeah, I just wanted to make sure it wasn't forgotten. It's the kind
of thing you'd not notice in testing unless you thought to try pg_dump
against old server versions (which is a good idea of course).

regards, tom lane

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2008-05-07 01:24:50 CONSTROID syscache vs relcache flushes
Previous Message Stephen Frost 2008-05-07 00:44:40 Re: [PATCHES] column level privileges

Browse pgsql-patches by date

  From Date Subject
Next Message Tom Lane 2008-05-07 01:57:30 Re: [PATCHES] [ Re: [BUGS] Problem identifying constraints which should not be inherited]
Previous Message Stephen Frost 2008-05-07 00:42:24 Re: column level privileges