[REVIEW] row level security (v3)

From: Mike Blackwell <mike(dot)blackwell(at)rrd(dot)com>
To: Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>
Cc: PgHacker <pgsql-hackers(at)postgresql(dot)org>, Atri Sharma <atri(dot)jiit(at)gmail(dot)com>
Subject: [REVIEW] row level security (v3)
Date: 2013-07-09 19:28:58
Message-ID: CANPAkgvCeArBy0xZgkMjsD8Cav5LapwbAmc5f1AjS+Hn24gNsA@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

The most recent patch (v3) applies and builds cleanly and passes make
check. Documentation on the new SQL syntax and catalog changes is included
with the patch and looks good to me.

The regression tests look pretty complete. In addition to the included
tests, dropping and altering the data type on a column referenced in the
security clause work as expected, rejecting the change with a dependency
error. Renaming a column succeeds as expected.

pg_dump and restore properly was also successful.

I noticed that the security clause is visible to any user via psql \dt+, as
well as in the pg_rowsecurity view. Perhaps this should be mentioned in
the relevant section of user-manag.sgml so users realize any sensitive
information in the security clause isn't secure.

What I've checked looks good. I don't feel qualified to do a code review
so that's still outstanding. I believe Atri will be looking at that.

____________________________________________________________
______________________

*Mike Blackwell | Technical Analyst, Distribution Services/Rollout
Management | RR Donnelley*
1750 Wallace Ave | St Charles, IL 60174-3401
Office: 630.313.7818
Mike(dot)Blackwell(at)rrd(dot)com
http://www.rrdonnelley.com

<http://www.rrdonnelley.com/>
* <Mike(dot)Blackwell(at)rrd(dot)com>*

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2013-07-09 19:35:42 Re: robots.txt on git.postgresql.org
Previous Message Magnus Hagander 2013-07-09 19:21:42 Re: robots.txt on git.postgresql.org