On 27 March 2013 14:50, Robert Haas <robertmhaas@gmail.com> wrote:
> On Wed, Mar 27, 2013 at 9:09 AM, Thom Brown <thom@linux.com> wrote:
>> Perhaps something along the lines of:
>>
>> "When a CREATE FUNCTION command is executed, the install permission
>> will be checked to determine whether the LEAKPROOF attribute was
>> present. This permission will also be checked when the user tries to
>> apply the LEAKPROOF attribute using the ALTER FUNCTION command."
>>
>> I'm not sure what the last part is actually describing ("with setattr
>> permission on the function being altered."), so I'm not sure how that
>> should be read. It doesn't help that I'm not familiar with SELinux
>> terms.
>
> Right, so what it's trying to say is: whenever you modify an object,
> we check whether you've got {setattr} permission for that object and
> disallow the operation if not. However, for some operations on some
> object types, {setattr} is necessary but not sufficient. The
> paragraph is recapping, for various cases, which operations require
> additional permissions, and what those additional things are.
>
>> I was really just thinking of CREATE and LEAKPROOF, but I'm not sure
>> "CREATE" should be in there anyway.
>
> create here is referring to the sepgsql permission, not the SQL
> command, so it's correct as-is.
My bad.
--
Thom