Quick Links

Re: Updates of SE-PostgreSQL 8.4devel patches (r1668)

From:	Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>
To:	KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc:	Bruce Momjian <bruce(at)momjian(dot)us>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Joshua Brindle <method(at)manicmethod(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>
Subject:	Re: Updates of SE-PostgreSQL 8.4devel patches (r1668)
Date:	2009-03-04 20:28:02
Message-ID:	49AEE452.3030004@enterprisedb.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Ok, I've taken a quick look at this too. My first impression is that
this is actually not a very big patch. Much much smaller than I was
afraid of. It seems that dropping the row-level security and the other
change you've already done have helped a great deal.

My first question is, why does the patch need the walker implementation
to gather all the accessed tables and columns? Can't you hook into the
usual pg_xxx_aclcheck() functions? In fact, Peter asked that same
question here:
http://archives.postgresql.org/pgsql-hackers/2009-01/msg02295.php (among
other things). Many things have changed since, but I don't think that
question has been adequately answered. Different handling of permissions
on views was mentioned, but I think that could be handled with just a
few extra checks in the rewriter or executor.

The hooks in simple_heap_insert also seem a bit weird. Perhaps an
artifact of the row-level security stuff that's no longer there. ISTM
that setting the defaults should be done in the same places where the
defaults for acl columns are filled, e.g in ProcedureCreate.

PS. s/proselabal/proselabel

--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com

In response to

Updates of SE-PostgreSQL 8.4devel patches (r1668) at 2009-03-03 07:39:30 from KaiGai Kohei

Responses

Re: Updates of SE-PostgreSQL 8.4devel patches (r1668) at 2009-03-05 01:01:14 from KaiGai Kohei

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Dimitri Fontaine	2009-03-04 20:28:11	Re: Is there an official log reader for PostgreSQL?
Previous Message	André Volpato	2009-03-04 20:27:34	cbrt() broken in AIX