| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Martijn van Oosterhout <kleptog(at)svana(dot)org>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Robert Haas <robertmhaas(at)gmail(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com, David Fetter <david(at)fetter(dot)org>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Adding support for SE-Linux security |
| Date: | 2009-12-08 21:51:50 |
| Message-ID: | 7340.1260309110@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> PGACE wasn't a plugin system. It was an API inside the core code. If
> it had been a plugin system, this would have been much easier, because
> the plugin itself could have been developed independently.
Well, it should certainly have used function pointers or something to
allow better pluggability, but that would have been a trivial change.
I don't believe that doing so would have made development any easier.
The real problem in all this is to answer the question "do we have the
right hooks in the right places?". Whether the hooks lead to function
pointers or hard-wired calls doesn't enter into that. Moreover, since
we can confidently say that all the early answers will be "no", it would
be a serious mistake to try to develop the plugin independently.
Having to keep two independent sets of source code in sync would waste
a lot of effort every time you realized you needed to adjust the hook
definitions. Once you'd gotten to a releasable state maybe you could
assume the hook definitions would become stable, but right now I have no
confidence in that at all.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2009-12-08 22:07:04 | Re: tsearch parser inefficiency if text includes urls or emails - new version |
| Previous Message | Robert Haas | 2009-12-08 21:42:25 | Re: Adding support for SE-Linux security |