Re: ExecutorCheckPerms() hook - Mailing list pgsql-hackers

From Tom Lane
Subject Re: ExecutorCheckPerms() hook
Date
Msg-id 5432.1274373126@sss.pgh.pa.us
In response to ExecutorCheckPerms() hook  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: ExecutorCheckPerms() hook
List pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes:
> In yesterday's development meeting, we talked about the possibility of
> a basic SE-PostgreSQL implementation that checks permissions only for
> DML.  Greg Smith offered the opinion that this could provide much of
> the benefit of SE-PostgreSQL for many users, while being much simpler.
> In fact, SE-PostgreSQL would need to get control in just one place:
> ExecCheckRTPerms.  This morning, Stephen Frost and I worked up a quick
> patch showing how we could add a hook here to let a hypothetical
> SE-PostgreSQL module get control in the relevant place.  The attached
> patch also includes a toy contrib module showing how it could be used
> to enforce arbitrary security policy.

Hm, I think you need to ignore RT entries that have no requiredPerms
bits set.  (Not that it matters too much, unless you were proposing to
actually commit this contrib module.)
        regards, tom lane
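
The point about entries with no requiredPerms bits, shown as an added example that is not part of the original message or of the patch under discussion. It uses simplified stand-in types (ModelRTE, the bit values, the "secret" policy and the sample range tables are all assumptions constructed here), not PostgreSQL's real structures or hook signature.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Stand-in permission bits for this model only (constructed values). */
#define MODEL_ACL_SELECT (1u << 1)
#define MODEL_ACL_UPDATE (1u << 2)

/* Simplified model of a range table entry; hypothetical, not PostgreSQL's type. */
typedef struct ModelRTE {
    const char  *relname;        /* relation the entry refers to */
    unsigned int requiredPerms;  /* 0 means the query needs no permission here */
} ModelRTE;

/* Hypothetical policy: no access at all to the relation named "secret". */
static bool policy_allows(const ModelRTE *rte) {
    return strcmp(rte->relname, "secret") != 0;
}

/* Naive hook body: applies the policy to every entry in the range table. */
bool check_perms_naive(const ModelRTE *rt, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (!policy_allows(&rt[i]))
            return false;
    return true;
}

/* Hook body that skips entries with no requiredPerms bits set. */
bool check_perms_filtered(const ModelRTE *rt, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (rt[i].requiredPerms == 0)
            continue;               /* nothing is being accessed via this entry */
        if (!policy_allows(&rt[i]))
            return false;
    }
    return true;
}

/* Constructed sample range tables. */
const ModelRTE SAMPLE_NO_ACCESS[]   = { {"orders", MODEL_ACL_SELECT}, {"secret", 0} };
const ModelRTE SAMPLE_REAL_ACCESS[] = { {"orders", MODEL_ACL_UPDATE}, {"secret", MODEL_ACL_SELECT} };

int main(void) {
    /* Exit 0 when the filtered check allows the first table and denies the second. */
    return (check_perms_filtered(SAMPLE_NO_ACCESS, 2) &&
            !check_perms_filtered(SAMPLE_REAL_ACCESS, 2)) ? 0 : 1;
}
```

The naive version rejects SAMPLE_NO_ACCESS even though the query needs no permission on "secret"; both versions reject SAMPLE_REAL_ACCESS.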

