aboutsummaryrefslogtreecommitdiff
path: root/doc/src/sgml/ref/create_policy.sgml
diff options
context:
space:
mode:
Diffstat (limited to 'doc/src/sgml/ref/create_policy.sgml')
-rw-r--r--doc/src/sgml/ref/create_policy.sgml12
1 files changed, 2 insertions, 10 deletions
diff --git a/doc/src/sgml/ref/create_policy.sgml b/doc/src/sgml/ref/create_policy.sgml
index 4aaeb121028..89d27879b1e 100644
--- a/doc/src/sgml/ref/create_policy.sgml
+++ b/doc/src/sgml/ref/create_policy.sgml
@@ -414,16 +414,8 @@ CREATE POLICY <replaceable class="parameter">name</replaceable> ON <replaceable
</para>
<para>
- When reducing the set of rows which users have access to, through
- modifications to row-level security policies or security-barrier views,
- be aware that users with a currently open transaction may be able to see
- updates to rows that they are theoretically no longer allowed access to,
- as the new policies may not be absorbed into existing query plans
- immediately. Therefore, the best practice to avoid any possible leak of
- information when altering conditions that determine the visibility of
- specific rows is to ensure that affected users do not have any open
- transactions, perhaps by ensuring they have no concurrent sessions
- running.
+ Additional discussion and practical examples can be found
+ in <xref linkend="ddl-rowsecurity">.
</para>
</refsect1>
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 06:13:39 +0000