<listitem>
<para>
This clause specifies optional parameters for a view; currently, the
- only suppored parameter name is <literal>security_barrier</literal>,
+ only supported parameter name is <literal>security_barrier</literal>,
which should be enabled when a view is intended to provide row-level
security. See <xref linkend="rules-privileges"> for full details.
</para>
When it is necessary for a view to provide row-level security, the
<literal>security_barrier</literal> attribute should be applied to
the view. This prevents maliciously-chosen functions and operators from
- being invoked on rows until afterthe view has done its work. For
+ being invoked on rows until after the view has done its work. For
example, if the view shown above had been created like this, it would
be secure:
<programlisting>
<para>
It is important to understand that even a view created with the
<literal>security_barrier</literal> option is intended to be secure only
- in the limited sense that the contents of the invisible tuples will not
+ in the limited sense that the contents of the invisible tuples will not be
passed to possibly-insecure functions. The user may well have other means
of making inferences about the unseen data; for example, they can see the
query plan using <command>EXPLAIN</command>, or measure the runtime of
projects / postgresql.git / commitdiff