On Jun27, 2012, at 15:07 , Kohei KaiGai wrote: > Probably, PlannedStmt->invalItems allows to handle invalidation of > plan-cache without big code changes. I'll try to put a flag of user-id > to track the query plan with RLS assumed, or InvalidOid if no RLS > was applied in this plan. > I'll investigate the implementation for more details. > > Do we have any other scenario that run a query plan under different > user privilege rather than planner stage?
Hm, what happens if a SECURITY DEFINER functions returns a refcursor? Actually, I wonder how we handle that today. If the executor is responsible for permission checks, that wouldn't we apply the calling function's privilege level in that case, at least of the cursor isn't fetched from in the SECURITY DEFINER function? If I find some time, I'll check... best regards, Florian Pflug -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
