From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Inconsistency with EXPLAIN ANALYZE CREATE MATERIALIZED VIEW |
Date: | 2024-08-01 18:27:31 |
Message-ID: | 20444c382e6cb5e21e93c94d679d0198b0dba4dd.camel@j-davis.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
EXPLAIN ANALYZE CREATE MATERIALIZED VIEW doesn't go through
ExecCreateTableAs(), but does use CreateIntoRelDestReceiver().
That bypasses the SECURITY_RESTRICTED_OPERATION in ExecCreateTableAs().
That is *not* a security problem, because the
SECURITY_RESTRICTED_OPERATION in CREATE MATERIALIZED VIEW is merely for
consistency with a later REFRESH MATERIALIZED VIEW command where the
SECURITY_RESTRICTED_OPERATION is important.
But it is inconsistent. For example:
create or replace function set() returns int
language plpgsql as $$
begin
create temp table x(i int);
return 42;
end;
$$;
create materialized view mv1 as select set(); -- fails
explain analyze
create materialized view mv1 as select set(); -- succeeds
Relatedly, if we can EXPLAIN a CREATE MATERIALIZED VIEW, perhaps we
should be able to EXPLAIN a REFRESH MATERIALIZED VIEW, too?
Comments?
Regards,
Jeff Davis
From | Date | Subject | |
---|---|---|---|
Next Message | Jeff Davis | 2024-08-01 18:31:53 | Re: MAINTAIN privilege -- what do we need to un-revert it? |
Previous Message | Euler Taveira | 2024-08-01 18:09:15 | Re: rare crash - FailedAssertion snapbuild.c Line: 580 |