On Mon, Apr 4, 2011 at 11:01 AM, Kohei Kaigai <Kohei(dot)Kaigai(at)eu(dot)nec(dot)com> wrote:
> Sorry, I missed a permission check on invocation of trusted procedures.
> When client's label getting switched to Y from X, we needed to check
> process:transition permission between label X and label Y.
> It is same manner when OS launches a program with a special label to
> cause domain transition.
> The attached patch adds checks this permission when user tries to
> invoke a trusted procedure and switch security label of the client.
> In addition, it also adds a case of regression test of this problem.
The Enterprise PostgreSQL Company
In response to
pgsql-hackers by date
|Next:||From: Susanne Ebrecht||Date: 2011-04-04 17:26:45|
|Subject: Re: [HACKERS] Uppercase SGML entity declarations|
|Previous:||From: Robert Haas||Date: 2011-04-04 17:24:15|
|Subject: Re: trivial patch: show SIREAD pids in pg_locks|