| From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
| Subject: | Re: [0/4] Proposal of SE-PostgreSQL patches |
| Date: | 2008-05-08 06:06:51 |
| Message-ID: | 4822987B.9060609@ak.jp.nec.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
>> The whole "early security" business looks like a mess :-(. I suspect
>> you should rip all that out of the backend and add a step to initdb
>> that fills in those tables.
>
> I also think "early security" codes are ad-hoc. :-(
> Pushing it into initdb seems me a good idea.
> I'll try to consider whether it is possible, or not.
The purpose of "early security" code is to manage relationship security
identifier and text representation before pg_security creation.
Therefore, we can make it redundant if initializing security attributes
can be done later. In the next patch set, I'll inject a hook to initialize
them at the last of bootstraping phase, and remove "early security" code.
Any tuples inserted during bootstraping mode are unlabeled, and this
operation is always allowed. Then, this hook is invoked after setting
up all system catalog, and it labels whole of database, as if "restorecon"
command initialize security context of filesystem objects.
How do you think about this design?
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martijn van Oosterhout | 2008-05-08 06:44:46 | Re: Auto-updated fields |
| Previous Message | Tom Lane | 2008-05-08 04:41:38 | Re: Auto-updated fields |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bernd Helmle | 2008-05-08 11:48:01 | Re: Updatable views |
| Previous Message | Bruce Momjian | 2008-05-08 02:24:13 | Re: postgresql in FreeBSD jails: proposal |