Re: First draft of the PG 15 release notes

[Mark Dilger]

> On May 10, 2022, at 8:44 AM, Bruce Momjian <br...@momjian.us> wrote:
> 
> I have completed the first draft of the PG 15 release notes and you can
> see the results here


Thanks, Bruce!  This release note:

        • Prevent logical replication into tables where the subscription owner 
is subject to the table's row-level security policies (Mark Dilger)

... should mention, independent of any RLS considerations, subscriptions are 
now applied under the privilege of the subscription owner.  I don't think we 
can fit it in the release note, but the basic idea is that:

        CREATE SUBSCRIPTION ... CONNECTION '...' PUBLICATION ... WITH (enabled 
= false);
        ALTER SUBSCRIPTION ... OWNER TO nonsuperuser_whoever;
        ALTER SUBSCRIPTION ... ENABLE;

can be used to replicate a subscription without sync or apply workers operating 
as superuser.  That's the main advantage.  Previously, subscriptions always ran 
with superuser privilege, which creates security concerns if the publisher is 
malicious (or foolish).  Avoiding any unintentional bypassing of RLS was just a 
necessary detail to close the security loophole, not the main point of the 
security enhancement.

—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company