> On Jun 30, 2026, at 16:00, Chao Li <[email protected]> wrote:
> 
> 
> 
>> On Jun 30, 2026, at 15:51, Ayush Tiwari <[email protected]> wrote:
>> 
>> Hi,
>> 
>> On Tue, 30 Jun 2026 at 13:16, Chao Li <[email protected]> wrote:
>> Hi,
>> 
>> While revisiting “[8e72d914c] Add UPDATE/DELETE FOR PORTION OF”, I found a 
>> new issue where inserting leftover rows may skip row-level security checks.
>> 
>> Please see if it is the same as this:  PostgreSQL: Enforce INSERT RLS checks 
>> for FOR PORTION OF leftovers? 
>> 
>> If yes, it is already present in the PG 19 open list.
>> 
>> Regards,
>> Ayush  
> 
> Thanks for pointing that out. I didn’t notice that thread.
> 
> Yes, that’s the same issue. I saw Paul wrote this there:
> ```
> Skipping the RLS checks to insert the leftovers seems like the correct
> behavior to me, since we are skipping the ACL checks (per the
> standard). Shouldn't it be consistent?
> I think the reason we skip the checks is that semantically, the
> leftovers aren't changing anything: they are preserving the history
> that is already there.
> ```
> 
> That explains why the ACL checks are skipped as stated in the doc, but I 
> don’t think the same reasoning should apply to RLS checks. As I explained in 
> my patch email, for example, directly inserting [70,100) is blocked by policy 
> t_ins, but a user can work around that by inserting [1,100) and then updating 
> [30,70), which seems like a security hole.
> 

I just noticed that I forgot the attachment again.

Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/




Attachment: v1-0001-Fix-RLS-checks-for-FOR-PORTION-OF-leftover-rows.patch
Description: Binary data
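
A toy model of the scenario discussed above, added here as an example and not taken from the thread or the attached patch: it computes the leftover ranges of a FOR PORTION OF update and optionally applies an INSERT policy to each one. The policy predicate (range must start below 50) and all function names are assumptions for illustration; the page does not show the definition of t_ins.

```python
# Added illustration: a toy model, not PostgreSQL code and not the attached patch.
# Ranges are half-open integer pairs (lo, hi), like [1,100) in the thread.
# Only the INSERT policy is modelled; UPDATE policies are out of scope here.

class PolicyViolation(Exception):
    """Raised when a row fails the INSERT policy's check."""

def t_ins_allows(rng):
    # Hypothetical stand-in for policy t_ins (its definition is not on the
    # page). Assumed here: a row may only be inserted if it starts below 50.
    lo, _hi = rng
    return lo < 50

def insert_row(table, rng):
    """Direct INSERT: always subject to the INSERT policy."""
    if not t_ins_allows(rng):
        raise PolicyViolation(f"insert of {rng} rejected by t_ins")
    table.append(rng)

def leftovers(row, target):
    """Parts of `row` that lie outside `target` (zero, one or two ranges)."""
    (lo, hi), (t_lo, t_hi) = row, target
    if t_hi <= lo or hi <= t_lo:           # no overlap: nothing is split off
        return []
    out = []
    if lo < t_lo:
        out.append((lo, t_lo))             # piece before the updated portion
    if t_hi < hi:
        out.append((t_hi, hi))             # piece after the updated portion
    return out

def update_for_portion_of(table, target, check_leftovers):
    """Return the table after updating `target`, re-inserting leftovers.

    check_leftovers=False models leftovers inserted without the policy check;
    check_leftovers=True models applying the INSERT policy to them as well.
    """
    result = []
    for lo, hi in table:
        if target[1] <= lo or hi <= target[0]:
            result.append((lo, hi))        # row not touched by the update
            continue
        for part in leftovers((lo, hi), target):
            if check_leftovers and not t_ins_allows(part):
                raise PolicyViolation(f"leftover {part} rejected by t_ins")
            result.append(part)
        result.append((max(lo, target[0]), min(hi, target[1])))
    return sorted(result)
```

With the check disabled, the row [70,100) ends up in the table even though the same row is rejected as a direct insert; with the check enabled, the update fails at that leftover.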
