| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Noah Misch <noah(at)leadboat(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: row_security GUC, BYPASSRLS |
| Date: | 2015-09-15 17:53:04 |
| Message-ID: | 11756.1442339584@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Joe Conway <mail(at)joeconway(dot)com> writes:
> On 09/15/2015 10:58 AM, Robert Haas wrote:
>> I can't argue with that, I suppose, but I think row_security=force is
>> a pretty useful convenience. If we must remove it, so be it, but I'd
>> be a little sad.
> There are use cases where row_security=force will be set in production
> environments, not only in testing.
What cases, exactly, and is there another way to solve those problems?
I concur with Noah's feeling that allowing security behavior to depend on
a GUC is risky.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2015-09-15 18:26:29 | Re: row_security GUC, BYPASSRLS |
| Previous Message | Fabien COELHO | 2015-09-15 17:30:10 | Re: extend pgbench expressions with functions |