Re: Multivariate MCV stats can leak data to unprivileged users

Tomas Vondra <tomas.vondra@2ndquadrant.com>

From: Tomas Vondra <tomas.vondra@2ndquadrant.com>
To: Dean Rasheed <dean.a.rasheed@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Stephen Frost <sfrost@snowman.net>, Andres Freund <andres@anarazel.de>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2019-06-15T23:24:28Z
Lists: pgsql-hackers
On Thu, Jun 13, 2019 at 07:37:45PM +0200, Tomas Vondra wrote:
> ...
>
>OK, attached are patches fixing the issues reported by you and John
>Naylor, and squashing the parts into just two patches (catalog split and
>pg_stats_ext). Barring objections, I'll push those tomorrow.
>
>I've renamed columns in the _data catalog from 'stx' to 'stxd', which I
>think is appropriate given the "data" in catalog name.
>
>I'm wondering if we should change the examples in SGML docs (say, in
>planstats.sgml) to use the new pg_stats_ext view, instead of querying the
>catalogs directly. I've tried doing that, but I found the results less
>readable than what we currently have (especially for the MCV list, where
>it'd require matching elements in multiple arrays). So I've left this
>unchanged for now.
>

I've pushed those changes, after adding docs for the pg_stats_ext view.


regards

-- 
Tomas Vondra                  http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services 



Commits

  1. Add security checks to the multivariate MCV estimation code.

  2. Add pg_stats_ext view for extended statistics

  3. Rework the pg_statistic_ext catalog