| From: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
|---|---|
| To: | Haribabu Kommi <kommi(dot)haribabu(at)gmail(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: RLS bug in expanding security quals |
| Date: | 2015-10-08 16:50:12 |
| Message-ID: | CAEZATCUYtfH8KiyDfE-mAagfAHLPS=z_MXSwBAeo9MkmHPrJ9Q@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 8 October 2015 at 15:05, Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> wrote:
> Attached is a simple patch that appears to work, but it needs more
> testing (and some regression tests).
>
Here's an updated patch with an extra regression test case that
triggers the issue.
I've also updated the function comment for expand_security_quals() to
better explain the situations where it actually has work to do --
tables with RLS and updates to auto-updatable security barrier views,
but not SELECTs from security berrier views. This explains why this
bug doesn't affect security barrier views (UNION ALL views aren't
auto-updatable), so only 9.5 and HEAD need to be patched.
Regards,
Dean
| Attachment | Content-Type | Size |
|---|---|---|
| rls-bug.patch | text/x-patch | 3.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Wagner | 2015-10-08 17:11:20 | Re: bugs and bug tracking |
| Previous Message | David Christensen | 2015-10-08 16:43:05 | Re: [PATCH] Teach Catalog.pm how many attributes there should be per DATA() line |