From: | August Zajonc <augustz(at)augustz(dot)com> |
---|---|
To: | Golden Liu <goldenliu(at)gmail(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Google SoC: column-level privilege subsystem |
Date: | 2007-04-24 16:34:09 |
Message-ID: | 462E3181.8050705@augustz.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Golden Liu wrote:
> 3. Before evaluating a SQL command, check column-level privilege.
> This is done AFTER checking table-level privilege. As I mentioned
> before, if table-level privilege is granted, it's not necessary to
> check column-level privilege.
Golden, this sounds good. I'm just a user.
It sounds like table || column is the check, so table implies all of
columns. ie, revoking a column permission does nothing unless TABLE
permission is also revoked.
It also might be nice to specify some of the failure / usage modes.
ie, how does "SELECT * FROM Students" work if I don't have permission to
a column. Return all values except for forbidden ones? How does "SELECT
ForbiddenColumn FROM Students" work.
For INSERTS, they probably need to fail if you don't have permission to
non-null columns. What about columns with default values? Are inserts
permitted if you don't have permission to a column with default values?
Do you have a project page up somewhere? I wouldn't mind helping with
some of the documentation for example.
Good luck!
- August
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2007-04-24 16:45:56 | UNION with more than 2 branches |
Previous Message | William Lawrance | 2007-04-24 16:29:45 | Re: [HACKERS] BUG #3244: problem with PREPARE |