Skip site navigation (1) Skip section navigation (2)

Updates of SE-PostgreSQL 8.4devel patches (r1710)

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Bruce Momjian <bruce(at)momjian(dot)us>, Joshua Brindle <method(at)manicmethod(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>
Subject: Updates of SE-PostgreSQL 8.4devel patches (r1710)
Date: 2009-03-11 04:09:10
Message-ID: 49B73966.4040306@ak.jp.nec.com (view raw or flat)
Thread:
Lists: pgsql-hackers
Heikki, it is the list of updated patches:

http://sepgsql.googlecode.com/files/sepgsql-core-8.4devel-r1710.patch
http://sepgsql.googlecode.com/files/sepgsql-utils-8.4devel-r1710.patch
http://sepgsql.googlecode.com/files/sepgsql-policy-8.4devel-r1710.patch
http://sepgsql.googlecode.com/files/sepgsql-docs-8.4devel-r1710.patch
http://sepgsql.googlecode.com/files/sepgsql-tests-8.4devel-r1710.patch

- List of updates:
  * Permission checks on SET/SHOW were removed.
  * Add a new permission: db_database:{superuser}
    sepgsqlCheckDatabaseSuperuser() is invoked from superuser_arg()
    to check whether the clietn can perform as a superuser in this
    database, or not.
  * Permission checks on procedure installation is separated.
  * Permission checks on install/load C-libraries are separated.
  * Read file checks on pg_read_file() is added.

- Scale of patches:
  * r1710 (the latest revision)
    60 files changed, 3686 insertions(+), 10 deletions(-), 4952 modifications(!)
  * r1704 (previous revision)
    60 files changed, 4048 insertions(+), 11 deletions(-), 4944 modifications(!)

  ... about 300 lines were downsized.

- Remaining issue:
  * ACL_SELECT_FOR_UPDATE has same value with ACL_UPDATE, so SE-PostgreSQL
    checks db_table:{update} permission on SELECT ... FOR SHARE OF,
    instead of db_table:{lock} permission.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

Responses

pgsql-hackers by date

Next:From: KaiGai KoheiDate: 2009-03-11 05:14:40
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1704)
Previous:From: Koichi SuzukiDate: 2009-03-11 02:44:32
Subject: Re: V4 of PITR performance improvement for 8.4

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group