On Tue, Oct 6, 2015 at 7:29 AM, Stephen Frost <sfr...@snowman.net> wrote:
> * Haribabu Kommi (kommi.harib...@gmail.com) wrote:
>> On Tue, Oct 6, 2015 at 10:56 AM, Haribabu Kommi
>> <kommi.harib...@gmail.com> wrote:
>> > Here I attached an updated version of the patch with the following changes.
>> I found some problems related to providing multi-tenancy on a system
>> catalog view.
>> This is because, system catalog view uses the owner that is created
>> the user instead
>> of the current user by storing the user information in "checkAsUser"
>> field in RangeTblEntry
> Right, when querying through a view to tables underneath, we use the
> permissions of the view owner. View creators should be generally aware
> of this already.
> I agree that it adds complications to the multi-tenancy idea since the
> system views, today, allow viewing of all objects. There are two ways
> to address that:
> Modify the system catalog views to include the same constraints that the
> policies on the tables do
> Allow RLS policies against views and then create the necessary policies
> on the views in the catalog.
> My inclination is to work towards the latter as that's a capability we'd
> like to have anyway.
We've got one reloption for views already - security_barrier. Maybe
we could have another one that effectively changes a particular view
from "security definer" as it is today to "security invoker".
The Enterprise PostgreSQL Company
Sent via pgsql-hackers mailing list (email@example.com)
To make changes to your subscription: