Skip site navigation (1) Skip section navigation (2)

Re: Largeobject Access Controls (r2460)

From: Takahiro Itagaki <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc: Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>, Greg Smith <greg(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Largeobject Access Controls (r2460)
Date: 2009-12-11 01:16:56
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> wrote:

> > we still allow "SELECT * FROM pg_largeobject" ...right?
> It can be solved with revoking any privileges from anybody in the initdb
> phase. So, we should inject the following statement for setup_privileges().
>   REVOKE ALL ON pg_largeobject FROM PUBLIC;

OK, I'll add the following description in the documentation of pg_largeobject.

   <structname>pg_largeobject</structname> should not be readable by the
   public, since the catalog contains data in large objects of all users.
   <structname>pg_largeobject_metadata</> is a publicly readable catalog
   that only contains identifiers of large objects.

> {"lo_compat_privileges", PGC_SUSET, COMPAT_OPTIONS_PREVIOUS,
>     gettext_noop("Turn on/off privilege checks on large objects."),

The description is true, but gives a confusion because
"lo_compat_privileges = on" means "privilege checks are turned off".

  short desc: Enables backward compatibility in privilege checks on large objects
  long desc: When turned on, privilege checks on large objects are disabled.

Are those descriptions appropriate?

Takahiro Itagaki
NTT Open Source Software Center

In response to


pgsql-hackers by date

Next:From: Greg SmithDate: 2009-12-11 01:28:57
Subject: Re: Adding support for SE-Linux security
Previous:From: Greg SmithDate: 2009-12-11 01:13:36
Subject: Re: thread safety on clients

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group