| From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
|---|---|
| To: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com> |
| Cc: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: Non-superuser subscription owners |
| Date: | 2022-01-08 07:38:31 |
| Message-ID: | 9da4d877048f767d36283fca1a3d133112fceca7.camel@j-davis.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 2021-12-15 at 12:23 -0800, Mark Dilger wrote:
> > On Nov 24, 2021, at 4:30 PM, Jeff Davis <pgsql(at)j-davis(dot)com> wrote:
> >
> > We need to do permission checking for WITH CHECK OPTION and RLS.
> > The
> > patch right now allows the subscription to write data that an RLS
> > policy forbids.
>
> Version 4 of the patch, attached, no longer allows RLS to be
> circumvented, but does so in a course-grained fashion.
Committed.
I tried to do some performance testing to see if there was any impact
of the extra catalog + ACL checks. Logical replication seems slow
enough -- something like 3X slower than local inserts -- that it didn't
seem to make a difference.
To test it, I did the following:
1. sent a SIGSTOP to the logical apply worker
2. loaded more data in publisher
3. made the subscriber a sync replica
4. timed the following:
a. sent a SIGCONT to the logical apply worker
b. insert a single tuple on the publisher side
c. wait for the insert to return, indicating that logical
replication is done up to that point
Does anyone have a better way to measure logical replication
performance?
Regards,
Jeff Davis
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2022-01-08 07:47:52 | Re: \dP and \dX use ::regclass without "pg_catalog." |
| Previous Message | Jeff Davis | 2022-01-08 07:31:06 | Re: Non-superuser subscription owners |