Re: Where to hook my custom access control module? - Mailing list pgsql-hackers

From Andrew Dunstan
Subject Re: Where to hook my custom access control module?
Date
Msg-id 63922.75.177.135.163.1178720937.squirrel@www.dunslane.net
Whole thread Raw
In response to Where to hook my custom access control module?  (Karel Gardas <kgardas@objectsecurity.com>)
Responses Re: Where to hook my custom access control module?
List pgsql-hackers
Karel Gardas wrote:
>
> Hello,
>
> first of all, I've tried to ask on pgsql-general mailing list as advised,
> but no answer.
>
> I'd like to look at a possibility of integrating OpenPMF
> (http://www.openpmf.org) with the PostgreSQL. There is a possibility to
> have a "weak" integration by using a provided rule system and SQL, but
> this way we would lose central management functionality of OpenPMF,
> especially its policy violation notifications and we'll need to
> synchronize rules with policies from time to time. So now I think about
> how to directly integrate some kind of OpenPMF policy enforcement point
> into the PostgreSQL. For this I would need some access control hook inside
> PostgreSQL which would be called on every action and my PEP would get a
> chance to deny some access. Is there anything like that supported in the
> PostgreSQL?
>


Exactly what is "open" about this product other than the name? It looks
closed and proprietary to me.

cheers

andrew




pgsql-hackers by date:

Previous
From: Karel Gardas
Date:
Subject: Where to hook my custom access control module?
Next
From: Jim Nasby
Date:
Subject: Re: [COMMITTERS] pgsql: Teach tuplesort.c about "top N" sorting, in which only the first