Re: Improving RLS qual pushdown

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>
Cc: PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Improving RLS qual pushdown
Date: 2015-01-09 16:12:12
Message-ID: 20150109161211.GW3062@tamriel.snowman.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Dean,

* Dean Rasheed (dean(dot)a(dot)rasheed(at)gmail(dot)com) wrote:
> A while ago [1] I proposed an enhancement to the way qual pushdown
> safety is decided in RLS / security barrier views. Currently we just
> test for the presence of leaky functions in the qual, but it is
> possible to do better than that, by further testing if the leaky
> function is actually being passed information that we don't want to be
> leaked.

This certainly sounds reasonable to me.

> In fact the majority of builtin functions aren't marked leakproof, and
> probably most user functions aren't either, so this could potentially
> be useful in a wide range of real-world queries, where it is common to
> write quals of the form <column> <operator> <expression>, and the
> expression may contain leaky functions.

Agreed.

Looks like you've already added it to the next commitfest, which is
great. I'm definitely interested but probably won't get to it right
away as I have a few other things to address.

Thanks!

Stephen

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2015-01-09 16:34:24 Re: Fixing memory leak in pg_upgrade
Previous Message Stephen Frost 2015-01-09 16:08:15 Re: Comment typo in src/backend/executor/execMain.c