Home > mailing lists

Re: [v9.2] sepgsql's DROP Permission checks - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: [v9.2] sepgsql's DROP Permission checks
Date	January 19, 2012 00:34:35
Msg-id	CA+TgmobYv7U8ktj6+LsjODKf=jhfWsGSf9RvyKcc4zUvpKjjOw@mail.gmail.com Whole thread Raw
In response to	Re: [v9.2] sepgsql's DROP Permission checks (Kohei KaiGai <kaigai@kaigai.gr.jp>)
Responses	Re: [v9.2] sepgsql's DROP Permission checks (Kohei KaiGai <kaigai@kaigai.gr.jp>)
List	pgsql-hackers

Tree view

On Wed, Jan 18, 2012 at 9:50 AM, Kohei KaiGai <kaigai@kaigai.gr.jp> wrote:
> In sepgsql side, it determines a case to apply permission checks
> according to the contextual information; that is same technique
> when we implemented create permission.
> Thus, it could checks db_xxx:{drop} permission correctly.

Why do we need the contextual information in this case?  Why
can't/shouldn't the decision be made solely on the basis of what
object is targeted?

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Noah Misch
Date: 18 January 2012, 23:01:36
Subject: Re: Measuring relation free space

From: Noah Misch
Date: 19 January 2012, 01:11:58
Subject: Re: foreign key locks, 2nd attempt

Re: [v9.2] sepgsql's DROP Permission checks - Mailing list pgsql-hackers

Previous

Next