Commit d6314b20 authored by Joe Conway

Improve CREATE FUNCTION doc WRT to LEAKPROOF RLS interaction.

Patch by Dean Rasheed. Back-patched to 9.5 where RLS was introduced.
parent 1e15b212
...@@ -350,9 +350,18 @@ CREATE [ OR REPLACE ] FUNCTION ...@@ -350,9 +350,18 @@ CREATE [ OR REPLACE ] FUNCTION
effects. It reveals no information about its arguments other than by effects. It reveals no information about its arguments other than by
its return value. For example, a function which throws an error message its return value. For example, a function which throws an error message
for some argument values but not others, or which includes the argument for some argument values but not others, or which includes the argument
values in any error message, is not leakproof. The query planner may values in any error message, is not leakproof. This affects how the
push leakproof functions (but not others) into views created with the system executes queries against views created with the
<literal>security_barrier</literal> option. See <literal>security_barrier</literal> option or tables with row level
security enabled. The system will enforce conditions from security
policies and security barrier views before any user-supplied conditions
from the query itself that contain non-leakproof functions, in order to
prevent the inadvertent exposure of data. Functions and operators
marked as leakproof are assumed to be trustworthy, and may be executed
before conditions from security policies and security barrier views.
In addtion, functions which do not take arguments or which are not
passed any arguments from the security barrier view or table do not have
to be marked as leakproof to be executed before security conditions. See
<xref linkend="sql-createview"> and <xref linkend="rules-privileges">. <xref linkend="sql-createview"> and <xref linkend="rules-privileges">.
This option can only be set by the superuser. This option can only be set by the superuser.
</para> </para>
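Review bot: "In addtion" in the added sentence that begins "In addtion, functions which do not take arguments" is misspelled and should read "In addition". The paragraph now also covers tables with row level security, but the closing "See" sentence still references only sql-createview and rules-privileges; consider adding an xref to the row security documentation so readers can find the policy side of this behaviour, and check whether "row level security" should be hyphenated to match usage elsewhere in the docs.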
......