Re: leaky views, yet again

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
Cc: Greg Stark <gsstark@mit.edu>, Robert Haas <robertmhaas@gmail.com>, KaiGai Kohei <kaigai@kaigai.gr.jp>, KaiGai Kohei <kaigai@ak.jp.nec.com>, Itagaki Takahiro <itagaki.takahiro@gmail.com>, pgsql-hackers@postgresql.org
Date: 2010-10-05T18:48:08Z
Lists: pgsql-hackers
Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> writes:
> On 05.10.2010 21:08, Greg Stark wrote:
>> If the users that have select access on the view don't have DDL access
>> doesn't that make them leak-proof for those users?

> No. You can use built-in functions for leaking data as well.

There's a difference between "can be used to extract data wholesale"
and "can be used to probe for the existence of a specific value".
We might need to start using more specific terminology than "leak".

			regards, tom lane