You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I use RLS fairly heavily in my project and I've found security_invoker setting is not respected when diffing a view. This is exceptionally dangerous because by default it causes me to leak sensitive data.
Given:
CREATE OR REPLACE my_view WITH ( security_invoker = TRUE ) AS ... against an empty db
Expected:
CREATE OR REPLACE my_view WITH ( security_invoker = TRUE ) AS ...
Hey,
Firstly great project. I come here via https://github.com/bikeshedder/tusker to report this issue
I use RLS fairly heavily in my project and I've found
security_invokersetting is not respected when diffing a view. This is exceptionally dangerous because by default it causes me to leak sensitive data.Given:
CREATE OR REPLACE my_view WITH ( security_invoker = TRUE ) AS ...against an empty dbExpected:
CREATE OR REPLACE my_view WITH ( security_invoker = TRUE ) AS ...Actual
CREATE OR REPLACE my_view AS ...I expect this is related to #182
The text was updated successfully, but these errors were encountered: