From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Konstantin Knizhnik <k(dot)knizhnik(at)postgrespro(dot)ru> |
Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
Subject: | Re: Numeric is not leakproof |
Date: | 2019-12-03 20:43:11 |
Message-ID: | 20191203204311.GU6962@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
Greetings,
* Konstantin Knizhnik (k(dot)knizhnik(at)postgrespro(dot)ru) wrote:
> Numeric functions are not marked as leakproof in pg_proc.dat
> It cause unexpected behavior in case of using row-level security:
The behavior you're getting is *entirely* expected, just to be clear.
Perhaps unfortunate and not as performant as you were hoping, but
definitely not unexpected.
As Tom noted downthread, you can't just mark things 'leakproof' because
you want them to be able to be used in an index- you need to actually
show that they're leakproof.
> I have not checked all other builtin type.
> But it seems to me that it may be reasonable to mark ALL builtin functions
> (described in pg_proc.dat) as leekprof by default.
Absolutely not without careful verification of each and every one.
There's nothing that guarantees builtins are leakproof (and indeed,
there's no shortage of ones that are clearly *not* leakproof today).
I'd love it for someone to go through and fix them all to actually be
leakproof (or at least all of the ones that might be used with an index)
but that clearly hasn't been done here.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Chris Bandy | 2019-12-03 21:33:28 | Re: BUG #16041: Error shows up both in pgAdmin and in Ruby (pg gem) - Segmentation fault |
Previous Message | Stephen Frost | 2019-12-03 20:35:26 | Re: LDAPS trusted ca support |