| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
| Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Yaroslav <ladayaroslav(at)yandex(dot)ru>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: A little RLS oversight? |
| Date: | 2015-07-23 04:50:37 |
| Message-ID: | CA+TgmoYGs2CEh_VxE42s+FgRXJzr9xTY9noEwjoySxxf+rkn=g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jul 22, 2015 at 5:17 PM, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
> There's another issue here though -- just adding filters to the
> pg_stats view won't prevent a determined user from seeing the contents
> of the underlying table. For that, the view needs to have the
> security_barrier property. Arguably the fact that pg_stats isn't a
> security barrier view is a long-standing information leak allowing
> users to see values from tables for which they don't have any
> permissions. Is anyone concerned about that?
Hrm. There's no help for that in the back-branches, but we should
probably change it in 9.5+.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2015-07-23 05:19:46 | Re: [PATCH] Reload SSL certificates on SIGHUP |
| Previous Message | Michael Paquier | 2015-07-23 04:30:49 | Re: Add CINE for ALTER TABLE ... ADD COLUMN |