Home > mailing lists

Re: Using views for row-level access control is leaky - Mailing list pgsql-hackers

From	Richard Huxton
Subject	Re: Using views for row-level access control is leaky
Date	October 22, 2009 08:19:36
Msg-id	4AE03FB7.5050102@archonet.com Whole thread Raw
In response to	Re: Using views for row-level access control is leaky (Pavel Stehule <pavel.stehule@gmail.com>)
Responses	Re: Using views for row-level access control is leaky
List	pgsql-hackers

Tree view

Pavel Stehule wrote:
> 2009/10/22 Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>:
>> That example I ran on CVS HEAD, but it's a generic problem on all versions.
> postgres=# select version();
>                                                    version
> ────────────────────────────────────────────────────────────────────────────────────
>  PostgreSQL 8.5devel on i686-pc-linux-gnu, compiled by GCC gcc (GCC)
> 4.4.1 20090725
> (1 row)
>
> postgres=# select * from x;
>  a  │ b
> ────┼────
>  10 │ 20
> (1 row)
>
> postgres=# create view v as select * from x where b <> 20;                                                   ^^^^^^^
This is the expression that needs to be expensive. Then the exposing
function needs to be cheap. That makes the planner run the exposing
function first.

--  Richard Huxton Archonet Ltd

pgsql-hackers by date:

From: Pavel Stehule
Date: 22 October 2009, 08:15:21
Subject: Re: Using views for row-level access control is leaky

From: Pavel Stehule
Date: 22 October 2009, 08:26:19
Subject: Re: Using views for row-level access control is leaky

Re: Using views for row-level access control is leaky - Mailing list pgsql-hackers

Previous

Next