Re: leaky views, yet again
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
Cc: Greg Stark <gsstark@mit.edu>, Robert Haas <robertmhaas@gmail.com>, KaiGai Kohei <kaigai@kaigai.gr.jp>, KaiGai Kohei <kaigai@ak.jp.nec.com>, Itagaki Takahiro <itagaki.takahiro@gmail.com>, pgsql-hackers@postgresql.org
Date: 2010-10-05T18:48:08Z
Lists: pgsql-hackers
Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> writes: > On 05.10.2010 21:08, Greg Stark wrote: >> If the users that have select access on the view don't have DDL access >> doesn't that make them leak-proof for those users? > No. You can use built-in functions for leaking data as well. There's a difference between "can be used to extract data wholesale" and "can be used to probe for the existence of a specific value". We might need to start using more specific terminology than "leak". regards, tom lane