| From: | <msalais(at)msym(dot)fr> |
|---|---|
| To: | <pgsql-admin(at)lists(dot)postgresql(dot)org> |
| Subject: | A flaw in treating WITH CHECK OPTION views |
| Date: | 2024-04-18 18:35:02 |
| Message-ID: | 000501da91bf$20e2b380$62a81a80$@msym.fr |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hi,
I will demonstrate what I want with a little example
msym=> create table t (c1 int, c2 int, c3 int);
CREATE TABLE
msym=> insert into t values (1, 1, 10),(2, 1, 10), (3, 2, 20), (4, 2, 20);
INSERT 0 4
msym=> create view v as select c1, c2 from t where c2 = 2 with check option;
CREATE VIEW
msym=> select * from v;
c1 | c2
----+----
3 | 2
4 | 2
(2 lignes)
msym=> update v set c2 = 3 where c1 = 3;
ERROR: new row violates check option for view "v"
DETAIL : Failing row contains (3, 3, 20).
Suppose that view use is exactly to hide value of c3! This example shows a
security issue.
Best regards
Michel SALAIS
| From | Date | Subject | |
|---|---|---|---|
| Next Message | msalais | 2024-04-18 18:42:17 | RE: A flaw in treating WITH CHECK OPTION views |
| Previous Message | Ron Johnson | 2024-04-18 17:12:55 | Re: Installation of PostGIS without internet or with limited internet access |