On 6 January 2015 at 19:25, Stephen Frost <sfr...@snowman.net> wrote: > Robert, Amit, > > * Robert Haas (robertmh...@gmail.com) wrote: >> I don't think that's a typo, although it's not particularly >> well-worded IMHO. I might rewrite the whole paragraph like this: >> >> A policy limits the ability to SELECT, INSERT, UPDATE, or DELETE rows >> in a table to those rows which match the relevant policy expression. >> Existing table rows are checked against the expression specified via >> USING, while new rows that would be created via INSERT or UPDATE are >> checked against the expression specified via WITH CHECK. Generally, >> the system will enforce filter conditions imposed using security >> policies prior to qualifications that appear in the query itself, in >> order to the prevent the inadvertent exposure of the protected data to >> user-defined functions which might not be trustworthy. However, >> functions and operators marked by the system (or the system >> administrator) as LEAKPROOF may be evaluated before policy >> expressions, as they are assumed to be trustworthy. > > Looks reasonable to me. Amit, does this read better for you? If so, I > can handle making the change to the docs. >
I have a wider concern about the wording on this page - both the rewritten paragraph and elsewhere talk about policies in terms of limiting access to or filtering out rows. However, since policy expressions are OR'ed together and there is a default-deny policy when RLS is enabled, I think it should be talking about policies in terms of permitting access to tables that have row security enabled. Regards, Dean -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers