From: | Zhaomo Yang <zmpgzm(at)gmail(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: CREATE POLICY and RETURNING |
Date: | 2015-09-23 07:11:46 |
Message-ID: | CALPr3ow+1NN1u-PLSmkBy07f0qsZ0ALxhz_Wt33s7YyYMNDn+Q@mail.gmail.com |
Lists: | pgsql-hackers |
Stephen,
> It'd be great if others who are interested can help define the grammar
> changes necessary
> and perhaps even help with the code aspect of it.
I'd like to help on both. Can you elaborate a little bit more, especially
on the code aspect?
I don't buy that argument.
It is agreed that blind updates and deletes with RETURNING clause are
dangerous. It is quite similar here.
Instead of using
BEGIN
UPDATE-or-DELETE-with-RETURNING
ROLLBACK
as a substitute for SELECT, a malicious user can do a binary search with
some trick like divide-by-zero
to figure out rows he is not allowed to access. Of course, this is not as
serious as RETURNING, but it is still quite convenient for attackers.
Thanks,
Zhaomo