Home > mailing lists

Re: [v9.1] Add security hook on initialization of instance - Mailing list pgsql-hackers

From	KaiGai Kohei
Subject	Re: [v9.1] Add security hook on initialization of instance
Date	June 15, 2010 03:48:16
Msg-id	4C16F7E4.6040705@ak.jp.nec.com Whole thread Raw
In response to	Re: [v9.1] Add security hook on initialization of instance (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [v9.1] Add security hook on initialization of instance
List	pgsql-hackers

Tree view

(2010/06/15 12:28), Tom Lane wrote:
> KaiGai Kohei<kaigai@ak.jp.nec.com>  writes:
>>>>> The attached patch tries to add one more security hook on the
>>>>> initialization of PostgreSQL instance (InitPostgres()).
> 
>>> Yeah, but so what?  Stephen's point is still valid.
> 
>> On the hook, I'd like to obtain security context of the client process
>> which connected to the PostgreSQL instance. It is not available at the
>> _PG_init() phase, because clients don't connect yet.
> 
> InitPostgres is called by a number of process types that don't *have*
> clients.  I concur with the other opinions that this hook is badly
> thought out.
> 
I intended to skip it when InitPostgres() is called without clients.

For example, the hook might be better to put on PerformAuthentication()
for more clarification of the purpose.

Thanks,
-- 
KaiGai Kohei <kaigai@ak.jp.nec.com>

pgsql-hackers by date:

From: Robert Haas
Date: 15 June 2010, 03:35:53
Subject: Re: warning message in standby

From: Fujii Masao
Date: 15 June 2010, 04:46:30
Subject: Re: Proposal for 9.1: WAL streaming from WAL buffers

Re: [v9.1] Add security hook on initialization of instance - Mailing list pgsql-hackers

Previous

Next