Quick Links

Re: [PATCH] Fix leaky VIEWs for RLS

From:	Robert Haas <robertmhaas(at)gmail(dot)com>
To:	KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc:	Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, marc(at)bloodnok(dot)com, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: [PATCH] Fix leaky VIEWs for RLS
Date:	2010-06-08 02:15:36
Message-ID:	AANLkTinLBHZtyjPH1kwE2AV9ofcEwlntPxIctgLK5ZdJ@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

2010/6/7 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
> Our headache is on functions categorized to middle-threat. It enables to
> leak the given arguments using error messages. Here are several ideas,
> but they have good and bad points.

I think we are altogether off in the weeds here. We ought to start
with an implementation that pushes nothing down, and then try to
figure out how much we can relax that without too much compromising
security.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company

In response to

Re: [PATCH] Fix leaky VIEWs for RLS at 2010-06-08 02:10:13 from KaiGai Kohei

Responses

Re: [PATCH] Fix leaky VIEWs for RLS at 2010-06-08 02:19:52 from Stephen Frost
Re: [PATCH] Fix leaky VIEWs for RLS at 2010-06-08 02:25:18 from KaiGai Kohei
Re: [PATCH] Fix leaky VIEWs for RLS at 2010-06-09 06:01:13 from KaiGai Kohei

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Stephen Frost	2010-06-08 02:19:52	Re: [PATCH] Fix leaky VIEWs for RLS
Previous Message	KaiGai Kohei	2010-06-08 02:10:13	Re: [PATCH] Fix leaky VIEWs for RLS