Skip site navigation (1) Skip section navigation (2)

[sepgsql 2/3] Add db_schema:search permission checks

From: Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>
To: PgHacker <pgsql-hackers(at)postgresql(dot)org>
Subject: [sepgsql 2/3] Add db_schema:search permission checks
Date: 2013-01-15 20:28:23
Message-ID: CADyhKSXatv4JHCVaPawXO7UXWRr-W-sn5r2a_GgLJDvt8j2jDA@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
This patch adds sepgsql support for permission checks equivalent
to the existing SCHEMA USE privilege.

This feature is constructed on new OAT_SCHEMA_SEARCH event
type being invoked around pg_namespace_aclcheck().
So, its expected behavior also follows the behavior of existing
permissions; unprivileged schema is ignored from the search path,
or raise an error if object name is fully qualified.

This patch needs src/backend/catalog/objectaccess.c is existing,
so please apply this patch on top of this feature.
https://commitfest.postgresql.org/action/patch_view?id=1003

Thanks,
-- 
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>

Attachment: sepgsql-v9.3-schema-search-permission.v1.patch
Description: application/octet-stream (45.7 KB)

Responses

pgsql-hackers by date

Next:From: Christopher BrowneDate: 2013-01-15 20:37:07
Subject: Re: [PATCH] COPY .. COMPRESSED
Previous:From: Sergey KoposovDate: 2013-01-15 20:26:49
Subject: Re: Curious buildfarm failures (fwd)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group