Greg Smith wrote: > Where I suspect this is all is going to settle down into is that if 1) > the SE GUC is on and 2) one of the tables in a join has rows filtered, > then you can expect that a) it's possible that the result will leak > information, which certainly need to be documented,
As far as I can tell this is the case however you hide the information. If you implemented it with views you'll have the same issue. If you hide the existence of project p_id="TOPSECRET01" and people can run inserts then they can spot it. Likewise, it you have fkey references to the row then deletions can be used to spot it. -- Richard Huxton Archonet Ltd -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
