Josh Berkus writes:
That would close only one covert channel. Others were already pointed out
upthread, and I'll bet there are more ...
Mind you, fundamentally this is no different from allowing INSERT
permission on a table but denying SELECT, or denying SELECT on certain
columns. In either case, covert channels for some data are available.
Certainly. But INSERT's purpose in life is not to prevent people from
inferring what data is in the table. What we have to ask here is whether
a "row level security" feature that doesn't deal with these real-world
attack techniques is worth having.

    regards, tom lane

Search Discussions

Discussion Posts


Follow ups

Related Discussions



site design / logo © 2018 Grokbase