Re: Review of Row Level Security

Kohei KaiGai <kaigai@kaigai.gr.jp>

From: Kohei KaiGai <kaigai@kaigai.gr.jp>
To: Stephen Frost <sfrost@snowman.net>
Cc: Kevin Grittner <kgrittn@mail.com>, Simon Riggs <simon@2ndquadrant.com>, Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2012-12-22T05:18:24Z
Lists: pgsql-hackers
2012/12/21 Stephen Frost <sfrost@snowman.net>:
>> It seems to me we need some more discussion about design and
>> implementation on row-security checks of writer-side, to reach our
>> consensus.
>
> Again, I agree with Kevin on this- there should be a wiki or similar
> which actually outlines the high-level design, syntax, etc.  That would
> help us understand and be able to meaningfully comment about the
> approach.
>
I also. RLS entry of wiki has not been updated for long time, I'll try to
update the entry for high-level design in a couple of days.

>> On the other hand, we are standing next to the consensus about
>> reader-side; a unique row-security policy (so, first version does not
>> support per-command policy) shall be checked on table scanning
>> on select, update or delete commands.
>
> I don't feel that we've really reached a consensus about the
> 'reader-side' implemented in this patch- rather, we've agreed (at a
> pretty high level) what the default impact of RLS for SELECT queries is.
> While I'm glad that we were able to do that, I'm rather dismayed that it
> took a great deal of discussion to get to that point.
>
>         Thanks,
>
>                 Stephen
-- 
KaiGai Kohei <kaigai@kaigai.gr.jp>