Remove the SECURITY_ROW_LEVEL_DISABLED security context bit.

This commit's parent made superfluous the bit's sole usage. Referential integrity checks have long run as the subject table's owner, and that now implies RLS bypass. Safe use of the bit was tricky, requiring strict control over the SQL expressions evaluating therein. Back-patch to 9.5, where the bit was introduced. Based on a patch by Stephen Frost.
author: Noah Misch <noah@leadboat.com> 2015-09-20 20:47:17 -0400
committer: Noah Misch <noah@leadboat.com> 2015-09-20 20:47:36 -0400
commit: bbdb9dfbc3c722b4c811c5cbfa03ce79b7b74824 (patch)
tree: 1bdc39a0ecc726a76586c92c412dd06a6b243cdf /src/backend/utils/misc/rls.c
parent: 6dae6edcd88cf3be06acf247c10de925bc065274 (diff)
1 files changed, 0 insertions, 7 deletions
diff --git a/src/backend/utils/misc/rls.c b/src/backend/utils/misc/rls.c
index abaf3445068..c900c98848b 100644
--- a/src/backend/utils/misc/rls.c
+++ b/src/backend/utils/misc/rls.c
@@ -63,13 +63,6 @@ check_enable_rls(Oid relid, Oid checkAsUser, bool noError)
 	if (relid < FirstNormalObjectId)
 		return RLS_NONE;
 
-	/*
-	 * Check if we have been told to explicitly skip RLS (perhaps because this
-	 * is a foreign key check)
-	 */
-	if (InRowLevelSecurityDisabled())
-		return RLS_NONE;
-
 	tuple = SearchSysCache1(RELOID, ObjectIdGetDatum(relid));
 	if (!HeapTupleIsValid(tuple))
 		return RLS_NONE;
author	Noah Misch <noah@leadboat.com>	2015-09-20 20:47:17 -0400
committer	Noah Misch <noah@leadboat.com>	2015-09-20 20:47:36 -0400
commit	bbdb9dfbc3c722b4c811c5cbfa03ce79b7b74824 (patch)
tree	1bdc39a0ecc726a76586c92c412dd06a6b243cdf /src/backend/utils/misc/rls.c
parent	6dae6edcd88cf3be06acf247c10de925bc065274 (diff)