
Re: 8.4 release planning

From: Simon Riggs <simon(at)2ndQuadrant(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Joshua Brindle <method(at)manicmethod(dot)com>, Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, Gregory Stark <stark(at)enterprisedb(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Bernd Helmle <mailings(at)oopsware(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: 8.4 release planning
Date: 2009-01-27 15:58:02
Message-ID: 1233071882.2327.2191.camel@ebony.2ndQuadrant
Lists: pgsql-hackers
On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote:

> Silently filtering out rows according to an arbitrary security policy
> can break a bunch of fundamental SQL semantics, the most obvious being
> foreign key constraints

That was exactly my reaction when I read the way it worked and I was
ready to reject the patch as a result. Bruce and KaiGai provided
documents that discuss the problem and it's clearly a known issue in
the security community. Specifically, it hasn't prevented Oracle from
gaining security Certification and it shouldn't prevent us either. In
the end it's the certification that matters here, rather than a general
review of what database security is, or could be.

I've seen enough to be happy that KaiGai has done a thorough job on
*attempting* to address the needs of the security people. Passing
security audit is the real test and I won't be beating him up if we do
miss slightly. We have to try, otherwise we'll never know. 

My concerns are all about what it does to our code and the impacts of
that. These are things we know how to check.

-- 
 Simon Riggs           www.2ndQuadrant.com
 PostgreSQL Training, Services and Support
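Added illustration of the point Tom raises above (silently filtered rows versus foreign key semantics). This is not code from the thread or from the SE-PostgreSQL patch under discussion; it uses the CREATE POLICY row-level security that PostgreSQL later shipped (9.5 and up), and the role name app_user and the tables parent/child are constructed for the example. It shows that the policy hides a parent row from app_user, that the referential-integrity check nonetheless bypasses the policy, and that the user is left looking at a child row whose parent appears not to exist.

```sql
-- Constructed example: a row-filtering policy versus FK semantics.
-- Uses PostgreSQL CREATE POLICY (9.5+), not the patch discussed in the thread.

CREATE ROLE app_user LOGIN;              -- non-owner role, subject to policies

CREATE TABLE parent (
    id    integer PRIMARY KEY,
    label text NOT NULL,
    level text NOT NULL                  -- 'public' or 'secret'
);

CREATE TABLE child (
    id        integer PRIMARY KEY,
    parent_id integer NOT NULL REFERENCES parent (id)
);

INSERT INTO parent VALUES (1, 'visible row', 'public'),
                          (2, 'hidden row',  'secret');

GRANT SELECT, INSERT, DELETE ON TABLE parent, child TO app_user;

-- The policy silently drops 'secret' rows for app_user; the table owner is exempt.
ALTER TABLE parent ENABLE ROW LEVEL SECURITY;
CREATE POLICY parent_public ON parent
    FOR ALL TO app_user USING (level = 'public');

SET ROLE app_user;

SELECT id FROM parent;                   -- returns only id 1: row 2 is filtered, not denied

-- Referential-integrity checks always bypass row security (documented
-- behaviour), so this INSERT succeeds although app_user cannot see parent 2.
-- The constraint outcome (success vs. error) reveals whether a hidden row
-- exists; that is the covert channel the documentation warns about.
INSERT INTO child VALUES (10, 2);
INSERT INTO child VALUES (11, 999);      -- ERROR: violates foreign key constraint

-- From app_user's viewpoint the data now looks inconsistent: a child whose
-- parent "does not exist", even though the FK holds for the owner.
SELECT c.id, c.parent_id
FROM   child c LEFT JOIN parent p ON p.id = c.parent_id
WHERE  p.id IS NULL;                     -- returns (10, 2)

RESET ROLE;
```

The practical consequence for schema design is the one the later documentation spells out: because integrity checks run outside the policy, a policy on a referenced table does not hide the existence of its rows from anyone who can write to a referencing table, and application code that assumes "no visible parent" means "no parent" will draw wrong conclusions.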

