Home > mailing lists

Re: [PATCH] Expose port->authn_id to extensions and triggers - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: [PATCH] Expose port->authn_id to extensions and triggers
Date	March 3, 2022 10:45:33
Msg-id	YiByHbZslaZXkcqY@paquier.xyz Whole thread Raw
In response to	Re: [PATCH] Expose port->authn_id to extensions and triggers (Andres Freund <andres@anarazel.de>)
Responses	Re: [PATCH] Expose port->authn_id to extensions and triggers (Jacob Champion <pchampion@vmware.com>)
List	pgsql-hackers

Tree view

On Wed, Mar 02, 2022 at 01:27:40PM -0800, Andres Freund wrote:
> I don't think we should commit this without synchronizing the authn between
> worker / leader (in a separate commit). Too likely that some function that's
> marked parallel ok queries the authn_id, opening up a security/monitoring hole
> or such because of a bogus return value.

Hmm, OK.  Using the same authn ID for the leader and the workers still
looks a bit strange to me as the worker is not the one that does the
authentication, only the leader does that.  Anyway, FixedParallelState
includes some authentication data passed down by the leader when
spawning a worker.  So, if we were to pass down the authn, we are
going to need a new PARALLEL_KEY_* to serialize and restore the data
passed down via a DSM like any other states as per the business in
parallel.c.  Jacob, what do you think?
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: "Daniel Westermann (DWE)"
Date: 03 March 2022, 10:32:11
Subject: Re: Changing "Hot Standby" to "hot standby"

From: Kyotaro Horiguchi
Date: 03 March 2022, 11:04:12
Subject: Re: shared-memory based stats collector

Re: [PATCH] Expose port->authn_id to extensions and triggers - Mailing list pgsql-hackers

Attachment

Previous

Next