Quick Links

AW: AW: "setuid" functions, a solution to the RI privil ege problem

From:	Zeugswetter Andreas SB <ZeugswetterA(at)wien(dot)spardat(dot)at>
To:	"'Peter Eisentraut'" <peter_e(at)gmx(dot)net>
Cc:	"Ross J(dot) Reedstrom" <reedstrm(at)rice(dot)edu>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject:	AW: AW: "setuid" functions, a solution to the RI privil ege problem
Date:	2000-09-18 08:16:59
Message-ID:	11C1E6749A55D411A9670001FA687963368080@sdexcsrv1.f000.d0188.sd.spardat.at
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

> But the pg_shadow authentication is based on credentials
> provided by the
> client whereas what you propose here would run on the server, so this
> doesn't make sense.

Since you can write extensions to PostgreSQL that reach far into the OS,
it does make sense to execute those extensions under a "non priviledged"
user, and not postgres. This OS user would somehow be tied to the username
that the client passes as his credentials (and that we trust to be
authenticated).

This is actually not my idea, it is implemented in Informix, DB2 and I think
Oracle.

Andreas

Responses

Re: AW: AW: "setuid" functions, a solution to the RI privil ege problem at 2000-09-18 19:56:01 from Peter Eisentraut

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Hannu Krosing	2000-09-18 08:17:57	Re: Notice and share memory corruption
Previous Message	Zeugswetter Andreas SB	2000-09-18 08:07:32	AW: new relkind for view