diff --git a/doc/src/sgml/ref/create_view.sgml b/doc/src/sgml/ref/create_view.sgml index 6e868408662485bddb1cfb880349fa04c367be52..838bf486a3dfa6a5f449b34319c53df6eec6456e 100644 --- a/doc/src/sgml/ref/create_view.sgml +++ b/doc/src/sgml/ref/create_view.sgml @@ -104,7 +104,7 @@ CREATE [ OR REPLACE ] [ TEMP | TEMPORARY ] VIEW n This clause specifies optional parameters for a view; currently, the - only suppored parameter name is security_barrier, + only supported parameter name is security_barrier, which should be enabled when a view is intended to provide row-level security. See for full details. diff --git a/doc/src/sgml/rules.sgml b/doc/src/sgml/rules.sgml index 896cc64ecd2f1d07761bb9f2b7888d50738f6d0b..3038fe9adc03899d4bccf9b0d72080e54272bde3 100644 --- a/doc/src/sgml/rules.sgml +++ b/doc/src/sgml/rules.sgml @@ -1876,7 +1876,7 @@ SELECT * FROM phone_number WHERE tricky(person, phone); When it is necessary for a view to provide row-level security, the security_barrier attribute should be applied to the view. This prevents maliciously-chosen functions and operators from - being invoked on rows until afterthe view has done its work. For + being invoked on rows until after the view has done its work. For example, if the view shown above had been created like this, it would be secure: @@ -1893,7 +1893,7 @@ CREATE VIEW phone_number WITH (security_barrier) AS It is important to understand that even a view created with the security_barrier option is intended to be secure only - in the limited sense that the contents of the invisible tuples will not + in the limited sense that the contents of the invisible tuples will not be passed to possibly-insecure functions. The user may well have other means of making inferences about the unseen data; for example, they can see the query plan using EXPLAIN, or measure the runtime of