-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/09/2014 02:00 AM, Stephen Frost wrote: > * Tom Lane (t...@sss.pgh.pa.us) wrote: >>> Craig Ringer <cr...@2ndquadrant.com> writes: >>>>> On 04/05/2014 03:57 AM, Andres Freund wrote: >>>>>>> r04) Row-security based on Updatable security barrier >>>>>>> views This one's fate seems to be hard to judge without >>>>>>> c07. >>> >>>>> Open issues remain with this patch, and resources for >>>>> working on it in 9.4 have run out. >>> >>>>> It is not ready for commit. A core bugfix with locking in >>>>> security barrier views is required before the regression >>>>> tests can be fixed up properly, for one thing. Tom also >>>>> expressed concerns about how plan invalidation works, >>>>> though it's not yet clear whether that was just >>>>> miscommunication about how it works on my part or whether >>>>> there's a concrete problem there. >>> >>>>> I'd really love to finish this off for 9.4, but other >>>>> projects have to come first. >>> >>> Given that, I think we should go ahead and mark this one >>> Returned With Feedback. It's past time to be punting anything >>> that doesn't have a serious chance of getting committed for >>> 9.4.
> I'm a bit confused on this point- is the only issue the > *preexisting* bug with security barrier views? This thread discusses two patches. The above refers to row security (per quoted text at top), not updatable security barrier views. Updatable security barrier views are ready. There's a pre-existing bug with security barrier views, but updatable s.b. views don't make it any worse and it can be fixed separately. Row security is not. It could possibly be committed w/o a fix for the security barrier bug by deleting the relevant regression tests, but Tom had reservations about plan invalidation in it, the docs need updating, and it needs a bunch more testing. It's possible I could have it ready in a few days - or it might be a couple of weeks. I ran out of time to work on it for 9.4. > Craig, in general, I'd argue that a pre-existing bug isn't a reason > that a patch isn't ready for commit. The bug may need to be fixed > before the patch goes in, but saying a patch isn't ready implied, > to me at least, issues with the *patch*, which it sounds like isn't > the case here. I tend to agree, and for that reason want updatable security barrier views to make it in for 9.4. - -- Craig Ringer http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTRKCAAAoJELBXNkqjr+S2kwQH+gP9+sNyEnE2HiKpRkEgFn0C g+rIfhjJl0ANPMAt6DIBNbns/1t38xqhpkbmirT8cS0RVplAETV6ynYngdzcQQOk GVeoOylSr75Hh3PWC82qRBHtgMZ7tV8RChNXgW6p4qekpAhqmAMJzBwq+bVhKXmZ +Wfpc1u5wTTc0aw9pmQVmr3ZpjibI+C54+eYrq97+JmC7kFHQWrLAmM/stiGeJpW nzOCADfQolpjCWDts/flwKDu+F2y4aUNhOUEiMo+LtPqPRgYioZwIUMeF5HBz+Ng CQTnjDeC/ROBFMvD1Jk1wBKvNl5lPd3ikdaLIaCmjav4hX2B35fbmuQLKgkxOwM= =AaWD -----END PGP SIGNATURE----- -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
