On Tue, Oct 6, 2015 at 7:29 AM, Stephen Frost <sfr...@snowman.net> wrote:
> * Haribabu Kommi (kommi.harib...@gmail.com) wrote:
>> On Tue, Oct 6, 2015 at 10:56 AM, Haribabu Kommi
>> <kommi.harib...@gmail.com> wrote:
>> > Here I attached an updated version of the patch with the following changes.
>> I found some problems related to providing multi-tenancy on a system
>> catalog view.
>> This is because, system catalog view uses the owner that is created
>> the user instead
>> of the current user by storing the user information in "checkAsUser"
>> field in RangeTblEntry
>> structure.
> Right, when querying through a view to tables underneath, we use the
> permissions of the view owner.  View creators should be generally aware
> of this already.
> I agree that it adds complications to the multi-tenancy idea since the
> system views, today, allow viewing of all objects.  There are two ways
> to address that:
> Modify the system catalog views to include the same constraints that the
> policies on the tables do
> or
> Allow RLS policies against views and then create the necessary policies
> on the views in the catalog.
> My inclination is to work towards the latter as that's a capability we'd
> like to have anyway.

We've got one reloption for views already - security_barrier.  Maybe
we could have another one that effectively changes a particular view
from "security definer" as it is today to "security invoker".

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to