Re: [PATCH] Add reloption for views to enable RLS

From: walther(at)technowledgy(dot)de
To: Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] Add reloption for views to enable RLS
Date: 2022-02-15 08:24:28
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

Laurenz Albe:
> So even though the view owner "duff" has no permissions
> on the schema "viewtest", we can still select from the table.
> Permissions on the schema containing the table are not
> checked, only permissions on the table itself.
> I am not sure how to feel about this. It is not what I would have
> expected, but changing it would be a compatibility break.
> Should this be considered a live bug in PostgreSQL?

I now found the docs to say:

For schemas, allows access to objects contained in the schema (assuming
that the objects' own privilege requirements are also met). Essentially
this allows the grantee to “look up” objects within the schema. Without
this permission, it is still possible to see the object names, e.g., by
querying system catalogs. Also, after revoking this permission, existing
sessions might have statements that have previously performed this
lookup, so this is not a completely secure way to prevent object access.

So, this seems to be perfectly fine.



In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message walther 2022-02-15 08:37:54 Re: [PATCH] Add reloption for views to enable RLS
Previous Message John Naylor 2022-02-15 07:35:41 Re: Consistently use "startup process"/"WAL sender" instead of "Startup process"/"WAL Sender" in comments and docs.