From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Yeb Havinga <y(dot)t(dot)havinga(at)mgrid(dot)net> |
Cc: | Craig Ringer <craig(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Greg Smith <greg(dot)smith(at)crunchydatasolutions(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, Yeb Havinga <yebhavinga(at)gmail(dot)com> |
Subject: | Re: Prohibit row-security + inheritance in 9.4? |
Date: | 2014-01-31 15:05:42 |
Message-ID: | 20140131150542.GI2921@tamriel.snowman.net |
Lists: | pgsql-hackers |

* Yeb Havinga (y(dot)t(dot)havinga(at)mgrid(dot)net) wrote:
> IMHO, there is another way to implement this, other than the
> procedure to override the child-rel-quals with the ones from the
> parent. At DDL time, synchronize quals on the parent with rls quals
> of the children. Isn't this also what happens with constraints?

No, we're not going to do that. We don't do it for GRANT and I don't
think it makes sense to do it here.

If we wanted to make them the same then we'd throw out the ability to do
any kind of changes or actions on the child and then we'd have actual
partitioning. We don't have that though, we have inheritance.

> Then during expansion of the range table, no code is needed to
> ignore child rls quals and copy parent rels to child rels.

This is what's already implemented and isn't a huge amount of code to
begin with, so I don't see this as being an argument against having the
flexibility.

> Also, the security policy applied would be invariant to the route
> through which the rows were accessed:

You could also get this by simply only allowing access to the parent and
not granting any privileges on the children.

> - directly to the child row: child rls quals and parent quals (by
> propagate at ddl) are applied.
> - through the parent: child rls quals and parent quals applied.

If you want them to be the same then you can implement this yourself
without having PG force it on you.

Thanks,

Stephen