Quick Links

Re: [sepgsql 3/3] Add db_procedure:execute permission checks

From:	Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>
To:	Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>
Cc:	PgHacker <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: [sepgsql 3/3] Add db_procedure:execute permission checks
Date:	2013-04-10 23:49:50
Message-ID:	20130410234950.GW3751@eldon.alvh.no-ip.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Kohei KaiGai wrote:
> This patch adds sepgsql support for permission checks almost
> equivalent to the existing FUNCTION EXECUTE privilege.

While skimming this patch I noticed that you're using
getObjectDescription() as the "audit_name" of objects. This may be a
bit unstable, for example consider that it's translated if lc_messages
is set to something other than english. I would suggest that the object
identity as introduced by commit f8348ea32ec8 is a better choice for
this.

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

In response to

[sepgsql 3/3] Add db_procedure:execute permission checks at 2013-01-15 20:46:46 from Kohei KaiGai

Responses

Re: [sepgsql 3/3] Add db_procedure:execute permission checks at 2013-04-11 16:10:35 from Kohei KaiGai

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Michael Paquier	2013-04-11 00:55:51	Re: SIGHUP not received by custom bgworkers if postmaster is notified
Previous Message	Robert Haas	2013-04-10 23:37:48	Re: corrupt pages detected by enabling checksums