| From: | Dean Rasheed <dean(dot)a(dot)rasheed(at)gmail(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [COMMITTERS] pgsql: Row-Level Security Policies (RLS) |
| Date: | 2015-05-27 07:11:16 |
| Message-ID: | CAEZATCWK=YjbKF3mGPW=astWK7pmNWdcU26_RGszgkRXsDNV4Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
On 27 May 2015 at 02:42, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> Now, looking at the code, I'm actually failing to see a case where we
> use the RowSecurityPolicy->policy_name.. Perhaps *that's* what we
> should be looking to remove?
>
If we add support for restrictive policies, it would be possible, and
I think desirable, to report on which policy was violated. For that,
having the policy name would be handy. We might also arguably decide
to enforce restrictive RLS policies in name order, like check
constraints. Of course none of that means it must be kept now, but it
feels like a useful field to keep nonetheless.
Regards,
Dean
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2015-05-27 10:48:29 | Re: Re: [COMMITTERS] pgsql: Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE. |
| Previous Message | Andrew Dunstan | 2015-05-27 02:56:44 | pgsql: Revert "Add all structured objects passed to pushJsonbValue piec |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Naoya Anzai | 2015-05-27 08:13:22 | Re: why does txid_current() assign new transaction-id? |
| Previous Message | Abhijit Menon-Sen | 2015-05-27 06:43:29 | Re: fsync-pgdata-on-recovery tries to write to more files than previously |