Re: RLS bug in expanding security quals

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com>
Cc: Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: RLS bug in expanding security quals
Date: 2015-10-09 14:52:35
Message-ID: 20151009145235.GM3685@tamriel.snowman.net
Lists: pgsql-hackers

* Haribabu Kommi (kommi(dot)haribabu(at)gmail(dot)com) wrote:
> On Fri, Oct 9, 2015 at 3:50 AM, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
> > On 8 October 2015 at 15:05, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
> >> Attached is a simple patch that appears to work, but it needs more
> >> testing (and some regression tests).
> >>
> >
> > Here's an updated patch with an extra regression test case that
> > triggers the issue.
> >
> > I've also updated the function comment for expand_security_quals() to
> > better explain the situations where it actually has work to do --
> > tables with RLS and updates to auto-updatable security barrier views,
> > but not SELECTs from security barrier views. This explains why this
> > bug doesn't affect security barrier views (UNION ALL views aren't
> > auto-updatable), so only 9.5 and HEAD need to be patched.
>
> Thanks for the patch. I didn't find any problem in my test with the patch.

Excellent, fix pushed.

I also updated the Open Items wiki (putting this under 'resolved after
9.5beta1'), in case folks run into it while testing beta1.

Thanks!

Stephen
