Re: WITH CHECK and Column-Level Privileges

On 09/26/2014 05:20 PM, Stephen Frost wrote:
> All,
>
>    Through continued testing, we've discovered an issue in the
>    WITH CHECK OPTION code when it comes to column-level privileges
>    which impacts 9.4.
>
>    It's pretty straight-forward, thankfully, but:
>
> postgres=# create view myview
> postgres-# with (security_barrier = true,
> postgres-# check_option = 'local')
> postgres-# as select * from passwd where username = current_user;
> CREATE VIEW
> postgres=# grant select (username) on myview to public;
> GRANT
> postgres=# grant update on myview to public;
> GRANT
> postgres=# set role alice;
> SET
> postgres=> update myview set username = 'joe';
> ERROR:  new row violates WITH CHECK OPTION for "myview"
> DETAIL:  Failing row contains (joe, abc).
>
>    Note that the entire failing tuple is returned, including the
>    'password' column, even though the 'alice' user does not have select
>    rights on that column.

Is there similar problems with unique or exclusion constraints?

>    The detail information is useful for debugging, but I believe we have
>    to remove it from the error message.
>
>    Barring objections, and in the hopes of getting the next beta out the
>    door soon, I'll move forward with this change and back-patch it to
>    9.4 after a few hours

What exactly are you going to commit? Did you forget to attach a patch?

> (or I can do it tomorrow if there is contention;
>    I don't know what, if any, specific plans there are for the next beta,
>    just that it's hopefully 'soon').

Probably would be wise to wait 'till tomorrow; there's no need to rush this.

- Heikki