Home > mailing lists

Re: Using views for row-level access control is leaky - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Using views for row-level access control is leaky
Date	October 23, 2009 11:04:49
Msg-id	9939.1256306669@sss.pgh.pa.us Whole thread Raw
In response to	Re: Using views for row-level access control is leaky (Simon Riggs <simon@2ndQuadrant.com>)
Responses	Re: Using views for row-level access control is leaky Re: Using views for row-level access control is leaky Re: Using views for row-level access control is leaky
List	pgsql-hackers

Tree view

Simon Riggs <simon@2ndQuadrant.com> writes:
> On Fri, 2009-10-23 at 19:38 +0900, KaiGai Kohei wrote:
>> Sorry, what is happen if function is marked as "plan security"?

> I was suggesting an intelligent default by which we could determine
> function marking implicitly, if it was not explicitly stated on the
> CREATE FUNCTION.

The thought that's been in the back of my mind is that you could solve
99% of the performance problem if you trusted all builtin functions and
nothing else.  This avoids the question of who gets to mark functions
as trustable.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 23 October 2009, 10:52:46
Subject: Re: plpgsql EXECUTE will not set FOUND

From: Robert Haas
Date: 23 October 2009, 11:16:37
Subject: Re: plpgsql EXECUTE will not set FOUND

Re: Using views for row-level access control is leaky - Mailing list pgsql-hackers

Previous

Next