Robert, Amit, * Robert Haas (robertmh...@gmail.com) wrote: > I don't think that's a typo, although it's not particularly > well-worded IMHO. I might rewrite the whole paragraph like this: > > A policy limits the ability to SELECT, INSERT, UPDATE, or DELETE rows > in a table to those rows which match the relevant policy expression. > Existing table rows are checked against the expression specified via > USING, while new rows that would be created via INSERT or UPDATE are > checked against the expression specified via WITH CHECK. Generally, > the system will enforce filter conditions imposed using security > policies prior to qualifications that appear in the query itself, in > order to the prevent the inadvertent exposure of the protected data to > user-defined functions which might not be trustworthy. However, > functions and operators marked by the system (or the system > administrator) as LEAKPROOF may be evaluated before policy > expressions, as they are assumed to be trustworthy.
Looks reasonable to me. Amit, does this read better for you? If so, I
can handle making the change to the docs.
Thanks!
Stephen
signature.asc
Description: Digital signature
