Thread: Patch to add support for security labels on local objects

Patch to add support for security labels on local objects

From
Guillaume Lelarge
Date:
Hi,

This patch adds support to a PostgreSQL 9.1 feature called security
labels. It adds a new tab to tables, columns, aggregates, domains,
foreign tables, functions, languages, sequences, types, and views
dialogs, that allows one to add security label for each provider they
want. I suppose most users will have only one provider, but the patch
supports multi providers.

Note that this does not support a recent 9.2 feature of PostgreSQL that
adds security labels to global objects. This will be part of another
patch.


--
Guillaume
  http://blog.guillaume.lelarge.info
  http://www.dalibo.com

Re: Patch to add support for security labels on local objects

From
Guillaume Lelarge
Date:
On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote:
> Hi,
>
> This patch adds support to a PostgreSQL 9.1 feature called security
> labels. It adds a new tab to tables, columns, aggregates, domains,
> foreign tables, functions, languages, sequences, types, and views
> dialogs, that allows one to add security label for each provider they
> want. I suppose most users will have only one provider, but the patch
> supports multi providers.
>
> Note that this does not support a recent 9.2 feature of PostgreSQL that
> adds security labels to global objects. This will be part of another
> patch.
>
>

Because of the latest push I did, it won't apply cleanly. There is one
small issue which will be easy to fix.


--
Guillaume
  http://blog.guillaume.lelarge.info
  http://www.dalibo.com


Re: Patch to add support for security labels on local objects

From
Guillaume Lelarge
Date:
On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote:
> On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote:
> > Hi,
> >
> > This patch adds support to a PostgreSQL 9.1 feature called security
> > labels. It adds a new tab to tables, columns, aggregates, domains,
> > foreign tables, functions, languages, sequences, types, and views
> > dialogs, that allows one to add security label for each provider they
> > want. I suppose most users will have only one provider, but the patch
> > supports multi providers.
> >
> > Note that this does not support a recent 9.2 feature of PostgreSQL that
> > adds security labels to global objects. This will be part of another
> > patch.
> >
> >
>
> Because of the latest push I did, it won't apply cleanly. There is one
> small issue which will be easy to fix.
>

While working on it, I thought I would better look at the same time at
supporting security labels for global/shared objects. So, here are two
patches. The first one is a revised version of the previous patch. It
fixes the apply issue, and it deals better with connections. The second
one supports security labels for global objects.


--
Guillaume
  http://blog.guillaume.lelarge.info
  http://www.dalibo.com

Re: Patch to add support for security labels on local objects

From
Guillaume Lelarge
Date:
On Sun, 2011-07-24 at 21:23 +0200, Guillaume Lelarge wrote:
> On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote:
> > On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote:
> > > Hi,
> > >
> > > This patch adds support to a PostgreSQL 9.1 feature called security
> > > labels. It adds a new tab to tables, columns, aggregates, domains,
> > > foreign tables, functions, languages, sequences, types, and views
> > > dialogs, that allows one to add security label for each provider they
> > > want. I suppose most users will have only one provider, but the patch
> > > supports multi providers.
> > >
> > > Note that this does not support a recent 9.2 feature of PostgreSQL that
> > > adds security labels to global objects. This will be part of another
> > > patch.
> > >
> > >
> >
> > Because of the latest push I did, it won't apply cleanly. There is one
> > small issue which will be easy to fix.
> >
>
> While working on it, I thought I would better look at the same time at
> supporting security labels for global/shared objects. So, here are two
> patches. The first one is a revised version of the previous patch. It
> fixes the apply issue, and it deals better with connections. The second
> one supports security labels for global objects.
>
>

Commited.


--
Guillaume
  http://blog.guillaume.lelarge.info
  http://www.dalibo.com


Re: Patch to add support for security labels on local objects

From
Vladimir Kokovic
Date:
Hi,

All
if (seclabelPage)
  should be
if (seclabelPage && connection->BackendMinimumVersion(9, 1))

Best regards,
Vladimir Kokovic, DP senior. Belgrade, Serbia

On 7/25/11, Guillaume Lelarge <guillaume@lelarge.info> wrote:
> On Sun, 2011-07-24 at 21:23 +0200, Guillaume Lelarge wrote:
>> On Sun, 2011-07-24 at 17:40 +0200, Guillaume Lelarge wrote:
>> > On Sun, 2011-07-24 at 10:58 +0200, Guillaume Lelarge wrote:
>> > > Hi,
>> > >
>> > > This patch adds support to a PostgreSQL 9.1 feature called security
>> > > labels. It adds a new tab to tables, columns, aggregates, domains,
>> > > foreign tables, functions, languages, sequences, types, and views
>> > > dialogs, that allows one to add security label for each provider they
>> > > want. I suppose most users will have only one provider, but the patch
>> > > supports multi providers.
>> > >
>> > > Note that this does not support a recent 9.2 feature of PostgreSQL
>> > > that
>> > > adds security labels to global objects. This will be part of another
>> > > patch.
>> > >
>> > >
>> >
>> > Because of the latest push I did, it won't apply cleanly. There is one
>> > small issue which will be easy to fix.
>> >
>>
>> While working on it, I thought I would better look at the same time at
>> supporting security labels for global/shared objects. So, here are two
>> patches. The first one is a revised version of the previous patch. It
>> fixes the apply issue, and it deals better with connections. The second
>> one supports security labels for global objects.
>>
>>
>
> Commited.
>
>
> --
> Guillaume
>   http://blog.guillaume.lelarge.info
>   http://www.dalibo.com
>
>
> --
> Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgadmin-hackers
>

Re: Patch to add support for security labels on local objects

From
Guillaume Lelarge
Date:
On Tue, 2011-08-02 at 09:49 +0200, Vladimir Kokovic wrote:
> Hi,
>
> All
> if (seclabelPage)
>   should be
> if (seclabelPage && connection->BackendMinimumVersion(9, 1))
>

Yes, and the same (but 9.2) for global/shared objects. Fix added.
Thanks.


--
Guillaume
  http://blog.guillaume.lelarge.info
  http://www.dalibo.com