Re: 8.4 release planning - Mailing list pgsql-hackers

From Simon Riggs
Subject Re: 8.4 release planning
Date
Msg-id 1233071882.2327.2191.camel@ebony.2ndQuadrant
Whole thread Raw
In response to Re: 8.4 release planning  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: 8.4 release planning
List pgsql-hackers
On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote:

> Silently filtering out rows according to an arbitrary security policy
> can break a bunch of fundamental SQL semantics, the most obvious being
> foreign key constraints

That was exactly my reaction when I read the way it worked and I was
ready to reject the patch as a result. Bruce and KaiGai provided
documents that discuss the problem and it's a clearly a known issue in
the security community. Specifically, it hasn't prevented Oracle from
gaining security Certification and it shouldn't prevent us either. In
the end it's the certification that matters here, rather than a general
review of what database security is, or could be.

I've seen enough to be happy that KaiGai has done a thorough job on
*attempting* to address the needs of the security people. Passing
security audit is the real test and I won't be beating him up if we do
miss slightly. We have to try, otherwise we'll never know. 

My concerns are all about what it does to our code and the impacts of
that. These are things we know how to check.

-- Simon Riggs           www.2ndQuadrant.comPostgreSQL Training, Services and Support



pgsql-hackers by date:

Previous
From: Heikki Linnakangas
Date:
Subject: Re: Hot standby, recovery infrastructure
Next
From: Andrew Dunstan
Date:
Subject: Re: pg_upgrade project status