| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
| Cc: | Kohei Kaigai <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com>, PgHacker <pgsql-hackers(at)postgresql(dot)org>, Yeb Havinga <yebhavinga(at)gmail(dot)com> |
| Subject: | Re: [v9.1] sepgsql - userspace access vector cache |
| Date: | 2011-09-01 12:40:31 |
| Message-ID: | CA+Tgmob+vf6RReWpre58qU10+uoXmVUQDAXvOJ_3+HER2-h-Jg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Aug 26, 2011 at 5:32 AM, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> wrote:
> Yes. It also caches an expected security label when a client being
> labeled as "scontext" tries to execute a procedure being labeled as
> "tcontext", to reduce number of system call invocations on fmgr_hook
> and needs_fmgr_hook.
> If the expected security label is not same with "scontext", it means
> the procedure performs as a trusted procedure that switches security
> label of the client during its execution; like a security invoker
> function.
> A pair of security labels are the only factor to determine whether the
> procedure is a trusted-procedure, or not. Thus, it is suitable to
> cache in userspace avc.
I've committed this, but I still think it would be helpful to revise
that comment. The turn "boosted up" is not very precise or
informative. Could you submit a separate, comment-only patch to
improve this?
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2011-09-01 12:51:43 | Re: dblink make fails under postgresql 8.4.4 on mac osx 10.4.11 |
| Previous Message | Alexander Korotkov | 2011-09-01 12:14:21 | Re: WIP: SP-GiST, Space-Partitioned GiST |