Thread: Patch to add support for security labels on local objects
Hi, This patch adds support to a PostgreSQL 9.1 feature called security labels. It adds a new tab to tables, columns, aggregates, domains, foreign tables, functions, languages, sequences, types, and views dialogs, that allows one to add security label for each provider they want. I suppose most users will have only one provider, but the patch supports multi providers. Note that this does not support a recent 9.2 feature of PostgreSQL that adds security labels to global objects. This will be part of another patch. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com
On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote: > Hi, > > This patch adds support to a PostgreSQL 9.1 feature called security > labels. It adds a new tab to tables, columns, aggregates, domains, > foreign tables, functions, languages, sequences, types, and views > dialogs, that allows one to add security label for each provider they > want. I suppose most users will have only one provider, but the patch > supports multi providers. > > Note that this does not support a recent 9.2 feature of PostgreSQL that > adds security labels to global objects. This will be part of another > patch. > > Because of the latest push I did, it won't apply cleanly. There is one small issue which will be easy to fix. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com
On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote: > On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote: > > Hi, > > > > This patch adds support to a PostgreSQL 9.1 feature called security > > labels. It adds a new tab to tables, columns, aggregates, domains, > > foreign tables, functions, languages, sequences, types, and views > > dialogs, that allows one to add security label for each provider they > > want. I suppose most users will have only one provider, but the patch > > supports multi providers. > > > > Note that this does not support a recent 9.2 feature of PostgreSQL that > > adds security labels to global objects. This will be part of another > > patch. > > > > > > Because of the latest push I did, it won't apply cleanly. There is one > small issue which will be easy to fix. > While working on it, I thought I would better look at the same time at supporting security labels for global/shared objects. So, here are two patches. The first one is a revised version of the previous patch. It fixes the apply issue, and it deals better with connections. The second one supports security labels for global objects. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com
On Sun, 2011-07-24 at 21:23 +0200, Guillaume Lelarge wrote: > On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote: > > On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote: > > > Hi, > > > > > > This patch adds support to a PostgreSQL 9.1 feature called security > > > labels. It adds a new tab to tables, columns, aggregates, domains, > > > foreign tables, functions, languages, sequences, types, and views > > > dialogs, that allows one to add security label for each provider they > > > want. I suppose most users will have only one provider, but the patch > > > supports multi providers. > > > > > > Note that this does not support a recent 9.2 feature of PostgreSQL that > > > adds security labels to global objects. This will be part of another > > > patch. > > > > > > > > > > Because of the latest push I did, it won't apply cleanly. There is one > > small issue which will be easy to fix. > > > > While working on it, I thought I would better look at the same time at > supporting security labels for global/shared objects. So, here are two > patches. The first one is a revised version of the previous patch. It > fixes the apply issue, and it deals better with connections. The second > one supports security labels for global objects. > > Commited. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com
Hi, All if (seclabelPage) should be if (seclabelPage && connection->BackendMinimumVersion(9, 1)) Best regards, Vladimir Kokovic, DP senior. Belgrade, Serbia On 7/25/11, Guillaume Lelarge <guillaume@lelarge.info> wrote: > On Sun, 2011-07-24 at 21:23 +0200, Guillaume Lelarge wrote: >> On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote: >> > On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote: >> > > Hi, >> > > >> > > This patch adds support to a PostgreSQL 9.1 feature called security >> > > labels. It adds a new tab to tables, columns, aggregates, domains, >> > > foreign tables, functions, languages, sequences, types, and views >> > > dialogs, that allows one to add security label for each provider they >> > > want. I suppose most users will have only one provider, but the patch >> > > supports multi providers. >> > > >> > > Note that this does not support a recent 9.2 feature of PostgreSQL >> > > that >> > > adds security labels to global objects. This will be part of another >> > > patch. >> > > >> > > >> > >> > Because of the latest push I did, it won't apply cleanly. There is one >> > small issue which will be easy to fix. >> > >> >> While working on it, I thought I would better look at the same time at >> supporting security labels for global/shared objects. So, here are two >> patches. The first one is a revised version of the previous patch. It >> fixes the apply issue, and it deals better with connections. The second >> one supports security labels for global objects. >> >> > > Commited. > > > -- > Guillaume > http://blog.guillaume.lelarge.info > http://www.dalibo.com > > > -- > Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgadmin-hackers >
On Tue, 2011-08-02 at 09:49 +0200, Vladimir Kokovic wrote: > Hi, > > All > if (seclabelPage) > should be > if (seclabelPage && connection->BackendMinimumVersion(9, 1)) > Yes, and the same (but 9.2) for global/shared objects. Fix added. Thanks. -- Guillaume http://blog.guillaume.lelarge.info http://www.dalibo.com