From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, Damian Wolgast <damian(dot)wolgast(at)si-co(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Column Redaction |
Date: | 2014-10-10 11:15:43 |
Message-ID: | 5437BFDF.9010202@vmware.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 10/10/2014 02:05 PM, Stephen Frost wrote:
> * Heikki Linnakangas (hlinnakangas(at)vmware(dot)com) wrote:
>> On 10/10/2014 01:35 PM, Stephen Frost wrote:
>>> Regarding functions, 'leakproof' functions should be alright to allow,
>>> though Heikki brings up a good point regarding binary search being
>>> possible in a plpgsql function (or even directly by a client). Of
>>> course, that approach also requires that you have a specific item in
>>> mind.
>>
>> It doesn't require that you have a specific item in mind. Binary
>> search is cheap, O(log n). It's easy to write a function to do a
>> binary search on a single item, passed as argument, and then apply
>> that to all rows:
>>
>> SELECT binary_search_reveal(cardnumber) FROM redacted_table;
>
> Note that your binary_search_reveal wouldn't be marked as leakproof and
> therefore this wouldn't be allowed. If this was allowed, you'd simply
> do "raise notice" inside the function and call it a day.
*shrug*, just do the same with a more complicated query, then. Even if
you can't create a function that does that, you can still execute the
same logic without a function.
- Heikki
From | Date | Subject | |
---|---|---|---|
Next Message | Greg Stark | 2014-10-10 11:16:08 | Re: Yet another abort-early plan disaster on 9.3 |
Previous Message | Hannu Krosing | 2014-10-10 11:11:16 | Re: Column Redaction |