Robert Haas <robertmh...@gmail.com> writes: > On Wed, Sep 4, 2013 at 10:45 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Well, the security-barrier view stuff did not present itself as a 100% >> solution. But perhaps more to the point, it was conceptually simple to >> implement, ie don't flatten views if they have this bit set, and don't >> push down quals into such sub-selects unless they're marked leakproof.
> Right. IMHO, this new feature should be similarly simple: when an > unprivileged user references a table, treat that as a reference to a > leakproof view over the table, with the RLS qual injected into the > view. And for insert/update/delete, we do what exactly? regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers