| From: | Yaroslav <ladayaroslav(at)yandex(dot)ru> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | A little RLS oversight? |
| Date: | 2015-07-12 08:59:07 |
| Message-ID: | 1436691547878-5857659.post@n5.nabble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi.
I've tried RLS for a little (in PostgreSQL 9.5alpha1), and want to ask why
this wasn't taken in account
in its implementation:
"Rather than look at pg_statistic directly, it's better to look at its view
pg_stats when examining the statistics manually. pg_stats is designed to be
more easily readable. Furthermore, pg_stats is readable by all, whereas
pg_statistic is only readable by a superuser. (This prevents unprivileged
users from learning something about the contents of other people's tables
from
the statistics. The pg_stats view is restricted to show only rows about
tables
that the current user can read.)"
i.e. after:
ALTER TABLE test ENABLE ROW LEVEL SECURITY;
I can still see all statistics for 'test' in pg_stats under unprivileged
user.
I'd prefer statistics on RLS-enabled tables to be simply hidden completely
for unprivileged users.
-----
WBR, Yaroslav Schekin.
--
View this message in context: http://postgresql.nabble.com/A-little-RLS-oversight-tp5857659.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Shay Rojansky | 2015-07-12 09:30:34 | Making ParameterStatus available for more parameter types? |
| Previous Message | Shulgin, Oleksandr | 2015-07-12 08:29:52 | Re: [PATCH] Generalized JSON output functions |