From: | Marc Munro <marc(at)bloodnok(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, KoheiKaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, "ktm(at)rice(dot)edu" <ktm(at)rice(dot)edu>, Alexander Korotkov <aekorotkov(at)gmail(dot)com>, Oleg Bartunov <obartunov(at)gmail(dot)com>, GregSmith <greg(at)2ndquadrant(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [v9.4] row level security |
Date: | 2013-10-10 18:56:49 |
Message-ID: | 1381431409.15121.58.camel@bloodnok.com |
Lists: | pgsql-hackers |
On Wed, 2013-09-04 at 14:35 +0000, Robert Haas wrote:
>
> On Fri, Aug 30, 2013 at 3:43 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> > I think it's entirely sensible to question whether we should reject (not
> > "hold up") RLS if it has major covert-channel problems.
>
> We've already had this argument before, about the security_barrier
[ . . . ]
Sorry for following up on this so late, I have just been trying to catch
up with the mailing lists.

I am the developer of Veil, which this thread mentioned a number of
times. I wanted to state/confirm a number of things:

Veil is not up to date wrt Postgres versions. I didn't release a new
version for 9.2, and when no-one complained I figured no-one other than
me was using it. I'll happily update it if anyone wants it.

Veil makes no attempt to avoid covert channels. It can't.

Veil is a low-level toolset designed for optimising queries about
privileges. It allows you to build RLS with reasonable performance, but
it is not in itself a solution for RLS.

I wish the Postgres RLS project well and look forward to its release in
Postgres 9.4.
__
Marc