Skip site navigation (1) Skip section navigation (2)

Re: simply custom variables protection

From: "Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com>
To: bruce(at)momjian(dot)us
Cc: pgsql-patches(at)postgresql(dot)org, andrew(at)dunslane(dot)net, tgl(at)sss(dot)pgh(dot)pa(dot)us
Subject: Re: simply custom variables protection
Date: 2007-04-07 17:42:37
Message-ID: BAY114-F2645382BDC3FDCC6388F49F95B0@phx.gbl (view raw or flat)
Thread:
Lists: pgsql-patches
>
>How does a user protect a custom variable using your code?  I don't see
>any API that would allow that.
>

Every module is responsibile for protectiong own custom variables. Only 
module knows if some variable needs protection. And after module 
inicialisation module can call ArmorCustomVariable function. From this 
moment only superuser can modify this custom variable. If it call 
ResetPGVariable() function before then default value is protected. It's 
question if test for superuser is necessery, I hope so it's usefull and I 
have posibility write security definer function where I can safely modify 
custom variables.




>---------------------------------------------------------------------------
>
> >
> > Regards
> > Pavel Stehule
> >
> >
> > >From: Bruce Momjian <bruce(at)momjian(dot)us>
> > >To: Pavel Stehule <pavel(dot)stehule(at)hotmail(dot)com>
> > >CC: pgsql-patches(at)postgresql(dot)org, andrew(at)dunslane(dot)net, 
>tgl(at)sss(dot)pgh(dot)pa(dot)us
> > >Subject: Re: [PATCHES] simply custom variables protection
> > >Date: Sat, 7 Apr 2007 11:54:13 -0400 (EDT)
> > >
> > >
> > >Pavel, would you remind me how this is useful?
> > >
> > 
> >---------------------------------------------------------------------------
> > >
> > >Pavel Stehule wrote:
> > > > Hello
> > > >
> > > > this patch contains function ArmorCustomVariables. This function set
> > >flag
> > > > armored on any custom variable. From this moment only superuser can
> > >change
> > > > this variable.
> > > >
> > > > p.s. use it together with ResetPGVariable()
> > > >
> > > > Regards
> > > > Pavel Stehule
> > > >
> > > > _________________________________________________________________
> > > > Citite se osamele? Poznejte nekoho vyjmecneho diky Match.com.
> > > > http://www.msn.cz/
> > >
> > >[ Attachment, skipping... ]
> > >
> > > >
> > > > ---------------------------(end of 
>broadcast)---------------------------
> > > > TIP 1: if posting/reading through Usenet, please send an appropriate
> > > >        subscribe-nomail command to majordomo(at)postgresql(dot)org so that 
>your
> > > >        message can get through to the mailing list cleanly
> > >
> > >--
> > >   Bruce Momjian  <bruce(at)momjian(dot)us>          http://momjian.us
> > >   EnterpriseDB                               
>http://www.enterprisedb.com
> > >
> > >   + If your life is a hard drive, Christ can be your backup. +
> > >
> > >---------------------------(end of 
>broadcast)---------------------------
> > >TIP 7: You can help support the PostgreSQL project by donating at
> > >
> > >                 http://www.postgresql.org/about/donate
> >
> > _________________________________________________________________
> > Najdete si svou lasku a nove pratele na Match.com. http://www.msn.cz/
>
>--
>   Bruce Momjian  <bruce(at)momjian(dot)us>          http://momjian.us
>   EnterpriseDB                               http://www.enterprisedb.com
>
>   + If your life is a hard drive, Christ can be your backup. +

_________________________________________________________________
Najdete si svou lasku a nove pratele na Match.com. http://www.msn.cz/


Responses

pgsql-patches by date

Next:From: Bruce MomjianDate: 2007-04-07 17:51:10
Subject: Re: LIMIT/SORT optimization
Previous:From: Tom LaneDate: 2007-04-07 17:38:30
Subject: Re: simply custom variables protection

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group