| From: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Noah Misch <noah(at)leadboat(dot)com>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Kohei(dot)Kaigai(at)emea(dot)nec(dot)com, thom(at)linux(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [v9.2] Fix Leaky View Problem |
| Date: | 2011-10-21 14:36:03 |
| Message-ID: | CADyhKSU98G7fjm6bWtcYXQ381Gsx04SHmkjLuwHAG9ZMT4zGiw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
So, I will split the patch into two parts as follows, in the next commit fest.
Part-1) Views with security_barrier reloption
The part-1 portion provides views "security_barrier" reloption; that enables
to keep sub-queries unflatten in the prepjoin.c stage.
In addition, these sub-queries (that originally come from views with
"security_barrier" option) don't allow to push down qualifiers from upper
level. It shall prevent both of the problematic scenarios.
Part-2) Functions with leakproof attribute
The part-2 portion provides functions "leakproof" attribute; that enables
to push down leakproof functions into sub-queries, even if it originally
come from security views.
It shall minimize performance damages when we use view for row-level
security purpose.
2011/10/19 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
>> Well, there's clearly some way to prevent pushdown from happening,
>> because sticking a LIMIT in there does the trick...
>
> I already pointed you at subquery_is_pushdown_safe ...
>
> regards, tom lane
>
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Phil Sorber | 2011-10-21 14:42:37 | Re: pg_dumpall Sets Roll default_tablespace Before Creating Tablespaces |
| Previous Message | Robert Haas | 2011-10-21 13:02:14 | Re: [v9.2] DROP statement reworks |