Re: 8.4 release planning
Kouhei Kaigai <kaigai@ak.jp.nec.com>
From: KaiGai Kohei <kaigai@ak.jp.nec.com>
To: Greg Smith <gsmith@gregsmith.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Joshua Brindle <method@manicmethod.com>, Josh Berkus <josh@agliodbs.com>, Stephen Frost <sfrost@snowman.net>, Gregory Stark <stark@enterprisedb.com>, Robert Haas <robertmhaas@gmail.com>, Simon Riggs <simon@2ndQuadrant.com>, Ron Mayer <rm_pg@cheapcomplexdevices.com>, "Joshua D. Drake" <jd@commandprompt.com>, Merlin Moncure <mmoncure@gmail.com>, "Jonah H. Harris" <jonah.harris@gmail.com>, Bruce Momjian <bruce@momjian.us>, Bernd Helmle <mailings@oopsware.de>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org
Date: 2009-01-28T05:02:08Z
Lists: pgsql-hackers
Greg Smith wrote: > Where I suspect this is all is going to settle down into is that if 1) > the SE GUC is on and 2) one of the tables in a join has rows filtered, > then you can expect that a) it's possible that the result will leak > information, which certainly need to be documented, and b) the > optimizations Tom mentioned that "assume foreign key constraints hold" > will not be possible to implement, so performance will suck compared to > a similar situation in an unsecured environment. c) security feature gives the optimizer a hint "don't optimize out this table, please!" via a security hook. I think it is a quite reasonable approach, as I noted in another message. Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@ak.jp.nec.com>