Re: allowing privileges on untrusted languages - Mailing list pgsql-hackers

From Simon Riggs
Subject Re: allowing privileges on untrusted languages
Date
Msg-id CA+U5nM+BEO9J=i_J7xgeoD7P-8Ea6PyV80XMTH02jFE6FWvZfw@mail.gmail.com
Whole thread Raw
In response to Re: allowing privileges on untrusted languages  (Kohei KaiGai <kaigai@kaigai.gr.jp>)
Responses Re: allowing privileges on untrusted languages
List pgsql-hackers
On 19 January 2013 13:45, Kohei KaiGai <kaigai@kaigai.gr.jp> wrote:

> I think, it is a time to investigate separation of database superuser privileges
> into several fine-grained capabilities, like as operating system doing.
> https://github.com/torvalds/linux/blob/master/include/uapi/linux/capability.h
>
> In case of Linux, the latest kernel has 36 kinds of capabilities that reflects
> a part of root privileges, such as privilege to open listen port less than 1024,
> privilege to override DAC permission and so on. Traditional root performs
> as a user who has all the capability in default.

Sounds like the best way to go. The reasoning that led to that change
works for us as well.

-- Simon Riggs                   http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services



pgsql-hackers by date:

Previous
From: Kohei KaiGai
Date:
Subject: Re: allowing privileges on untrusted languages
Next
From: Andrew Dunstan
Date:
Subject: Re: Contrib PROGRAM problem