Re: [v9.3] Row-Level Security

Florian G. Pflug <fgp@phlo.org>

From: Florian Pflug <fgp@phlo.org>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Kohei KaiGai <kaigai@kaigai.gr.jp>, Robert Haas <robertmhaas@gmail.com>, PgHacker <pgsql-hackers@postgresql.org>
Date: 2012-06-28T15:34:13Z
Lists: pgsql-hackers
On Jun28, 2012, at 17:29 , Tom Lane wrote:
> Kohei KaiGai <kaigai@kaigai.gr.jp> writes:
>> 2012/6/27 Florian Pflug <fgp@phlo.org>:
>>> Hm, what happens if a SECURITY DEFINER functions returns a refcursor?
> 
>> My impression is, here is no matter even if SECURITY DEFINER function
>> returns refcursor.
> 
> I think Florian has a point: it *should* work, but *will* it?
> 
> I believe it works today, because the executor only applies permissions
> checks during query startup.  So those checks are executed while still
> within the SECURITY DEFINER context, and should behave as expected.
> Subsequently, the cursor portal is returned to caller and caller can
> execute it to completion, no problem.

Don't we (sometimes?) defer query startup to the first time FETCH is
called?

best regards,
Florian Pflug