From: | Noah Misch <noah(at)leadboat(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com>, Joe Conway <mail(at)joeconway(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: RLS open items are vague and unactionable |
Date: | 2015-11-20 08:11:36 |
Message-ID: | 20151120081136.GA1486542@tornado.leadboat.com |
Lists: | pgsql-hackers |

On Mon, Sep 28, 2015 at 03:03:51PM -0400, Stephen Frost wrote:
> If SELECT rights are required then apply the SELECT policies, even if
> the actual command is an UPDATE or DELETE. This covers the RETURNING
> case which was discussed previously, so we don't need the explicit check
> for that, and further addresses the concern raised by Zhaomo about
> someone abusing the WHERE clause in an UPDATE or DELETE.
>
> Further, if UPDATE rights are required then apply the UPDATE policies,
> even if the actual command is a SELECT. This addresses the concern that
> a user might be able to lock rows they're not actually allowed to UPDATE
> through the UPDATE policies.
>
> Comments welcome, of course. Barring concerns, I'll get this pushed
> tomorrow.

The CREATE POLICY reference page continues to describe the behavior this patch
replaced, not today's behavior.
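
The policy selection described in the quoted text, shown as an added SQL example that is not part of the original message or of the patch under discussion. The table, role, policy names and rows are hypothetical and constructed for illustration.

```sql
-- Added illustration: all names and rows below are constructed.
CREATE ROLE alice;
CREATE TABLE tickets (
    id       int PRIMARY KEY,
    reporter text NOT NULL,
    assignee text NOT NULL,
    status   text NOT NULL DEFAULT 'open',
    note     text
);
INSERT INTO tickets (id, reporter, assignee, note) VALUES
    (1, 'alice', 'alice', 'passes both policies for alice'),
    (2, 'bob',   'alice', 'passes only tickets_write for alice'),
    (3, 'alice', 'bob',   'passes only tickets_read for alice');

ALTER TABLE tickets ENABLE ROW LEVEL SECURITY;
GRANT SELECT, UPDATE ON tickets TO alice;

-- Read access follows the reporter; write access follows the assignee.
CREATE POLICY tickets_read ON tickets FOR SELECT
    USING (reporter = current_user);
CREATE POLICY tickets_write ON tickets FOR UPDATE
    USING (assignee = current_user)
    WITH CHECK (assignee = current_user);

SET ROLE alice;

-- Plain SELECT needs only SELECT rights: tickets_read alone is applied.
SELECT id, note FROM tickets;

-- This UPDATE reads columns in WHERE and RETURNING, so SELECT rights are
-- required and tickets_read is applied together with tickets_write. A row
-- alice may write but not read (id 2) cannot be matched on its note or
-- returned to her.
UPDATE tickets SET status = 'closed'
 WHERE note LIKE '%only%'
RETURNING id, note;

-- This UPDATE reads no columns, so only UPDATE rights are required and
-- only tickets_write is applied.
UPDATE tickets SET status = 'triaged';

-- Row locking needs UPDATE rights, so tickets_write is applied on top of
-- tickets_read even though the command is a SELECT. A row alice may read
-- but not write (id 3) is not locked by her.
SELECT id FROM tickets FOR UPDATE;

RESET ROLE;
```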