On 8 April 2015 at 19:52, Dean Rasheed <dean.a.rash...@gmail.com> wrote:
> 2). In prepend_row_security_policies(), I think it is better to have > any table RLS policies applied before any hook policies, so that a > hook cannot be used to bypass built-in RLS. > A hook really has to be able to ensure that built-in RLS cannot bypass the hook's policies, too, i.e. the hook policy *must* return true for the row to be visible. This is necessary for mandatory access control hooks, which need to be able to say "permit if and only if..." I'll take a closer look at this. > 3). The infinite recursion detection in fireRIRrules() didn't properly > manage the activeRIRs list in the case of WCOs, so it would > incorrectly report infinite recusion if the same relation with RLS > appeared more than once in the rtable, for example "UPDATE t ... FROM > t ...". > I'm impressed you found that one. -- Craig Ringer http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services
