Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Robert Haas <rhaas(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
Date: 2010-07-09 17:44:26
Message-ID: 20100709174426.GX21875@tamriel.snowman.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers pgsql-hackers

Robert,

* Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> This is certainly true, but I also wonder what SE-PostgreSQL plans to
> do about this. Taking this to its logical exteme, the system security
> policy could change in mid-query - and while you'd like to think that
> the system would stop emitting tuples on a dime, that's probably not
> too feasible in practice. I am assuming that SE-PostgreSQL will want
> to do some kind of caching, but I wonder how one decides what to cache
> and for how long, and whether there's any mechanism for propagating
> cache invalidations.

Yes, SE-PG will be doing cacheing and this exact problem has already
been addressed (KaiGai's original SE-PG patches included cacheing,
actually). It's also not something that's unique to PG in any way.

Thanks,

Stephen

In response to

Browse pgsql-committers by date

  From Date Subject
Next Message User Bmomjian 2010-07-09 17:47:42 pg-migrator - pg_migrator: Properly return errno/out-of-disk error on
Previous Message Simon Riggs 2010-07-09 17:38:52 Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2010-07-09 18:01:11 Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
Previous Message Simon Riggs 2010-07-09 17:38:52 Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().