Re: [COMMITTERS] pgsql: sepgsql: Support for new post-ALTER access hook. - Mailing list pgsql-hackers

From Robert Haas
Subject Re: [COMMITTERS] pgsql: sepgsql: Support for new post-ALTER access hook.
Date
Msg-id CA+TgmoZzbCPwbcsV4s7kt8jRLyMdHERWBBFCY7BiGfGdYQcBMQ@mail.gmail.com
Whole thread Raw
In response to Re: [COMMITTERS] pgsql: sepgsql: Support for new post-ALTER access hook.  (Thom Brown <thom@linux.com>)
Responses Re: [COMMITTERS] pgsql: sepgsql: Support for new post-ALTER access hook.
List pgsql-hackers
On Wed, Mar 27, 2013 at 9:09 AM, Thom Brown <thom@linux.com> wrote:
> Perhaps something along the lines of:
>
> "When a CREATE FUNCTION command is executed, the install permission
> will be checked to determine whether the LEAKPROOF attribute was
> present. This permission will also be checked when the user tries to
> apply the LEAKPROOF attribute using the ALTER FUNCTION command."
>
> I'm not sure what the last part is actually describing ("with setattr
> permission on the function being altered."), so I'm not sure how that
> should be read.  It doesn't help that I'm not familiar with SELinux
> terms.

Right, so what it's trying to say is: whenever you modify an object,
we check whether you've got {setattr} permission for that object and
disallow the operation if not.  However, for some operations on some
object types, {setattr} is necessary but not sufficient.  The
paragraph is recapping, for various cases, which operations require
additional permissions, and what those additional things are.

> I was really just thinking of CREATE and LEAKPROOF, but I'm not sure
> "CREATE" should be in there anyway.

create here is referring to the sepgsql permission, not the SQL
command, so it's correct as-is.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company



pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: Default connection parameters for postgres_fdw and dblink
Next
From: Thom Brown
Date:
Subject: Re: [COMMITTERS] pgsql: sepgsql: Support for new post-ALTER access hook.