Home > mailing lists

Re: Proposal: access control jails (and introduction as aspiring GSoC student) - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: Proposal: access control jails (and introduction as aspiring GSoC student)
Date	March 22, 2010 14:04:10
Msg-id	20100322140357.GU21875@tamriel.snowman.net Whole thread Raw
In response to	Re: Proposal: access control jails (and introduction as aspiring GSoC student) (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: Proposal: access control jails (and introduction as aspiring GSoC student)
List	pgsql-hackers

Tree view

* Robert Haas (robertmhaas@gmail.com) wrote:
> Sometimes it would be nice to conditionalize queries on a value other
> than the authenticated role.  I really wish we had some kind of SQL
> variable support.  Talking out of my rear end:

I certainly agree- having variable support in the backend would
definitely be nice.  I'd want it to be explicit and distinct from GUCs
though, unlike the situation we have w/ psql right now.  All that said,
I'm not really a huge fan of write-your-own-authorization-system in
general.  If the existing authorization system isn't sufficient for what
you want, then let's improve it.  There may be specific cases where
what's needed is particularly complex, but that's what security definer
functions are for..
Thanks,
    Stephen

pgsql-hackers by date:

From: Robert Haas
Date: 22 March 2010, 13:58:32
Subject: Re: Comments on Exclusion Constraints and related datatypes

From: Tom Lane
Date: 22 March 2010, 14:14:13
Subject: Re: Comments on Exclusion Constraints and related datatypes

Re: Proposal: access control jails (and introduction as aspiring GSoC student) - Mailing list pgsql-hackers

Previous

Next