author: Dean Rasheed <dean.a.rasheed@gmail.com> 2019-06-23 18:50:08 +0100
committer: Dean Rasheed <dean.a.rasheed@gmail.com> 2019-06-23 18:50:08 +0100
commit: d7f8d26d9f4c0a574250ec53a03b3dc08d13796c
tree: c5484df58f12894e2cd3e332526ed2973bd04bf9 /src/backend/utils/adt/timestamp.c
parent: 89ff7c08eee355195eba6f544d28584e61200665

Add security checks to the multivariate MCV estimation code.

The multivariate MCV estimation code may run user-defined operators on the values in the MCV list, which means that those operators may potentially leak the values from the MCV list. Guard against leaking data to unprivileged users by checking that the user has SELECT privileges on the table or all of the columns referred to by the statistics.

Additionally, if there are any securityQuals on the RTE (either due to RLS policies on the table, or accessing the table via a security barrier view), not all rows may be visible to the current user, even if they have table or column privileges. Thus we further insist that the operator be leakproof in this case.

Dean Rasheed, reviewed by Tomas Vondra.

Discussion: https://postgr.es/m/CAEZATCUhT9rt7Ui=Vdx4N==VV5XOK5dsXfnGgVOz_JhAicB=ZA@mail.gmail.com

Diffstat (limited to 'src/backend/utils/adt/timestamp.c')
0 files changed, 0 insertions, 0 deletions
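
An audit query that approximates, from SQL, the two conditions the commit message describes. It is an added example, not code from this commit or from PostgreSQL. It assumes PostgreSQL 12 or later catalogs and evaluates privileges for the role running it, which is only an approximation of the user the planner checks. Security barrier views are not covered.

```sql
-- Added example (not PostgreSQL source). Run as the role you want to audit.
-- Assumption: PostgreSQL 12+ catalogs, where pg_statistic_ext.stxkind
-- contains 'm' for statistics objects that include an MCV list.
SELECT s.stxnamespace::regnamespace    AS stats_schema,
       s.stxname                       AS stats_name,
       s.stxrelid::regclass            AS table_name,
       priv.table_select,
       priv.all_columns_select,
       row_security_active(s.stxrelid) AS rls_applies,
       CASE
         WHEN NOT (priv.table_select OR priv.all_columns_select)
           THEN 'no SELECT privilege: MCV values must stay hidden'
         WHEN row_security_active(s.stxrelid)
           THEN 'RLS applies: operator must be leakproof'
         ELSE 'privilege check passes'
       END                             AS expected_handling
FROM pg_statistic_ext AS s
CROSS JOIN LATERAL (
    SELECT has_table_privilege(s.stxrelid, 'SELECT') AS table_select,
           -- SELECT on every column the statistics object refers to.
           -- No plain column keys: treated as not satisfied (conservative).
           COALESCE(
             (SELECT bool_and(
                       has_column_privilege(s.stxrelid, k.attnum, 'SELECT'))
                FROM unnest(s.stxkeys) AS k(attnum)),
             false)                                   AS all_columns_select
) AS priv
WHERE 'm' = ANY (s.stxkind)
ORDER BY 1, 2;

-- Operators whose implementing function is not marked leakproof.
-- These are the ones the second condition applies to when row-level
-- security is active on the table.
SELECT o.oid::regoperator AS operator,
       o.oprcode          AS implementing_function,
       p.proleakproof
FROM pg_operator AS o
JOIN pg_proc     AS p ON p.oid = o.oprcode
WHERE NOT p.proleakproof
ORDER BY 1;
```

`row_security_active()` reports whether row-level security applies to the current role in the current context, so table owners and roles with BYPASSRLS show `false` in the `rls_applies` column.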