On 2015-09-29 11:52:14 -0700, Peter Geoghegan wrote: > On Tue, Sep 29, 2015 at 8:24 AM, Andres Freund <and...@anarazel.de> wrote: > > So, took a bit longer than "tomorrow. I fought for a long while with a > > mysterious issue, which turned out to be separate bug: The excluded > > relation was affected by row level security policies, which doesn't make > > sense. > > Why? You certainly thought that it made sense for conventional column > permissions due to potential problems with before row insert triggers.
I don't see how those compare: > I specifically remember discussing this with you off list (on IM, > roughly a couple of weeks prior to initial commit). I recommended that > we err towards a more restrictive behavior in the absence of any > strong principle pushing us one way or the other. You seemed to agree. I don't think this really is comparable. Comparing this with a plain INSERT or UPDATE this would be akin to running RLS on the RETURNING tuple - which we currently don't. I think this is was just a bug. > I suppose that we have a tight enough grip on the targetlist that it's > hard to imagine anything else being introduced there spuriously. I had > thought that the pull-up did allow useful additional > defense/sanitization, but that may not be an excellent argument. The > only remaining argument is that my approach is closer to RETURNING, > but that doesn't seem like an excellent argument. I indeed don't think this is comparable to RETURNING - the pullup there is into an actual querytree above unrelated relations. Greetings, Andres Freund -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
