| From: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com> |
|---|---|
| To: | Dan Lynch <pyramation(at)gmail(dot)com> |
| Cc: | PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: policies with security definer option for allowing inline optimization |
| Date: | 2021-04-02 13:09:04 |
| Message-ID: | CAMsGm5c22e2ioVsm9ZMsV4DU-xCz24wd3AnwVk9HYqLrS6hWVQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, 2 Apr 2021 at 01:44, Dan Lynch <pyramation(at)gmail(dot)com> wrote:
> RLS policies quals/checks are optimized inline, and so I generally avoid
> writing a separate procedure so the optimizer can do it's thing.
>
> However, if you need a security definer to avoid recursive RLS if you're
> doing a more complex query say, on a join table, anyone wish there was a
> flag on the policy itself to specify that `WITH CHECK` or `USING`
> expression could be run via security definer?
>
> The main reason for this is to avoid writing a separate security definer
> function so you can benefit from the optimizer.
>
> Is this possible? Would this be worth a feature request to postgres core?
>
If we're going to do this we should do the same for triggers as well.
It's easy to imagine a situation in which RLS policies need to refer to
information which should not be accessible to the role using the table, and
similarly it's easy to imagine a situation in which a trigger needs to
write to another table which should not be accessible to the role using the
table which has the trigger.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Langote | 2021-04-02 13:09:10 | Re: a misbehavior of partition row movement (?) |
| Previous Message | Amit Langote | 2021-04-02 12:46:18 | Re: simplifying foreign key/RI checks |