Skip site navigation (1) Skip section navigation (2)

Re: [PATCH] remove redundant ownership checks

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] remove redundant ownership checks
Date: 2010-01-13 19:54:49
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Wed, Jan 13, 2010 at 1:34 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> If I thought this patch represented incremental movement in the
>> direction of a better security-check factorization, I'd be fine with it,
>> but that's not clear either. The argument for it is that these checks
>> are redundant with some other ones, but why should we remove these and
>> not the other ones instead?

> That's a good question, and I have an answer [ namely that ALTER TABLE
> is the right place ].

But note Stephen Frost's concurrent reply suggesting that he wants to
move the checks *out* of ALTER TABLE.  With his plan, these checks
are probably in the right place already.

I'm a little worried by Stephen's plan, mainly because I'm concerned
that it would lead to ALTER TABLE taking exclusive lock on a table long
before it gets around to checking permissions.  Still, that's just
extending a window that exists now.

Anyway, this is the sort of thing that should be hashed out before
starting to write code.  Adding or removing security checks is not
the hard part, the hard part is deciding where they should be.

			regards, tom lane

In response to


pgsql-hackers by date

Next:From: James William PyeDate: 2010-01-13 20:06:58
Subject: Re: plpython3
Previous:From: Sergej GalkinDate: 2010-01-13 19:53:30
Subject: segmentation fault in function

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group