From: Bruce Momjian on
Simon Riggs wrote:
> On Fri, 2009-10-23 at 10:04 -0400, Tom Lane wrote:
> > Simon Riggs <simon(a)2ndQuadrant.com> writes:
> > > On Fri, 2009-10-23 at 19:38 +0900, KaiGai Kohei wrote:
> > >> Sorry, what is happen if function is marked as "plan security"?
> >
> > > I was suggesting an intelligent default by which we could determine
> > > function marking implicitly, if it was not explicitly stated on the
> > > CREATE FUNCTION.
> >
> > The thought that's been in the back of my mind is that you could solve
> > 99% of the performance problem if you trusted all builtin functions and
> > nothing else. This avoids the question of who gets to mark functions
> > as trustable.
>
> That is a very good default. My experience is that those 1% of cases are
> responsible for 99% of wasted time, so the ability to specify things for
> user functions is critical. If we make user extensibility second rate we
> will force solutions to be second rate also. (e.g. where would PostGIS
> be without type-specific analyze functions?).

Added to TODO:

Prevent low-cost functions from seeing unauthorized view rows

--
Bruce Momjian <bruce(a)momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
PG East: http://www.enterprisedb.com/community/nav-pg-east-2010.do
+ If your life is a hard drive, Christ can be your backup. +

--
Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers