Re: [PATCH] Fix leaky VIEWs for RLS
Kouhei Kaigai <kaigai@ak.jp.nec.com>
From: KaiGai Kohei <kaigai@ak.jp.nec.com>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Stephen Frost <sfrost@snowman.net>, Tom Lane <tgl@sss.pgh.pa.us>, Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>, marc@bloodnok.com, pgsql-hackers@postgresql.org
Date: 2010-06-08T02:25:18Z
Lists: pgsql-hackers
(2010/06/08 11:15), Robert Haas wrote: > 2010/6/7 KaiGai Kohei<kaigai@ak.jp.nec.com>: >> Our headache is on functions categorized to middle-threat. It enables to >> leak the given arguments using error messages. Here are several ideas, >> but they have good and bad points. > > I think we are altogether off in the weeds here. We ought to start > with an implementation that pushes nothing down, and then try to > figure out how much we can relax that without too much compromising > security. > It seems to me fair enough. I think we can adjust what functions are harmless, and whats are not later. Thanks, -- KaiGai Kohei <kaigai@ak.jp.nec.com>