| From: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Florian Pflug <fgp(at)phlo(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [RFC] Interface of Row Level Security |
| Date: | 2012-06-04 19:41:53 |
| Message-ID: | CADyhKSVG7nOjANkWmt1J80bbR=Z2xFtkegkbBXXGRkk1YCQHQQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
2012/6/4 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
> Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> writes:
>> Here is two problems around RLSBYPASS. The first is we have
>> no idea to handle invalidation of prepared-statement when current
>> user is switched, right now.
>
> How is that specifically the fault of RLSBYPASS? *Any* of the schemes
> you're proposing for inlined RLS checks will have problems with userID
> switching.
>
Really? I don't find out a scenario that cause a problem with user-id
switching in case when RLS policy is *unconditionally* appended then
evaluated on executor stage. I'd like to see the scenario.
> My guess is we'd have to treat the effective userID as part of the
> plancache lookup key to make it safe to inline anything related to RLS.
>
It might be a solution, if we append individual RLS policy at the
planner stage, depending on user-id.
Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Browne | 2012-06-04 19:49:37 | Re: Re: [COMMITTERS] pgsql: Send new protocol keepalive messages to standby servers. |
| Previous Message | Tom Lane | 2012-06-04 18:09:44 | Re: Btree or not btree? That is the question |