Re: pgaudit - an auditing extension for PostgreSQL - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: pgaudit - an auditing extension for PostgreSQL
Date
Msg-id 20141218140611.GO25679@tamriel.snowman.net
Whole thread Raw
In response to Re: pgaudit - an auditing extension for PostgreSQL  (Abhijit Menon-Sen <ams@2ndQuadrant.com>)
List pgsql-hackers
Abhijit,

* Abhijit Menon-Sen (ams@2ndQuadrant.com) wrote:
> At 2014-12-16 13:28:07 -0500, sfrost@snowman.net wrote:
> >
> > The magic "audit" role has SELECT rights on a given table.  When any
> > user does a SELECT against that table, ExecCheckRTPerms is called and
> > there's a hook there which the module can use to say "ok, does the
> > audit role have any permissions here?" and, if the result is yes, then
> > the command is audited.
>
> You're right, I did not understand that this is what you were proposing,
> and this is not what the code does. I went back and read your original
> description, and it seems I implemented only the subset I understood.
>
> I'll look into changing the code sometime next week.

Ok, great, thanks!
Stephen

pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: Proposal: Log inability to lock pages during vacuum
Next
From: Fujii Masao
Date:
Subject: Re: Function to know last log write timestamp