| From: | "Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com> |
|---|---|
| To: | bruce(at)momjian(dot)us |
| Cc: | pgsql-patches(at)postgresql(dot)org, andrew(at)dunslane(dot)net, tgl(at)sss(dot)pgh(dot)pa(dot)us |
| Subject: | Re: simply custom variables protection |
| Date: | 2007-04-07 17:42:37 |
| Message-ID: | BAY114-F2645382BDC3FDCC6388F49F95B0@phx.gbl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
>
>How does a user protect a custom variable using your code? I don't see
>any API that would allow that.
>
Every module is responsibile for protectiong own custom variables. Only
module knows if some variable needs protection. And after module
inicialisation module can call ArmorCustomVariable function. From this
moment only superuser can modify this custom variable. If it call
ResetPGVariable() function before then default value is protected. It's
question if test for superuser is necessery, I hope so it's usefull and I
have posibility write security definer function where I can safely modify
custom variables.
>---------------------------------------------------------------------------
>
> >
> > Regards
> > Pavel Stehule
> >
> >
> > >From: Bruce Momjian <bruce(at)momjian(dot)us>
> > >To: Pavel Stehule <pavel(dot)stehule(at)hotmail(dot)com>
> > >CC: pgsql-patches(at)postgresql(dot)org, andrew(at)dunslane(dot)net,
>tgl(at)sss(dot)pgh(dot)pa(dot)us
> > >Subject: Re: [PATCHES] simply custom variables protection
> > >Date: Sat, 7 Apr 2007 11:54:13 -0400 (EDT)
> > >
> > >
> > >Pavel, would you remind me how this is useful?
> > >
> >
> >---------------------------------------------------------------------------
> > >
> > >Pavel Stehule wrote:
> > > > Hello
> > > >
> > > > this patch contains function ArmorCustomVariables. This function set
> > >flag
> > > > armored on any custom variable. From this moment only superuser can
> > >change
> > > > this variable.
> > > >
> > > > p.s. use it together with ResetPGVariable()
> > > >
> > > > Regards
> > > > Pavel Stehule
> > > >
> > > > _________________________________________________________________
> > > > Citite se osamele? Poznejte nekoho vyjmecneho diky Match.com.
> > > > http://www.msn.cz/
> > >
> > >[ Attachment, skipping... ]
> > >
> > > >
> > > > ---------------------------(end of
>broadcast)---------------------------
> > > > TIP 1: if posting/reading through Usenet, please send an appropriate
> > > > subscribe-nomail command to majordomo(at)postgresql(dot)org so that
>your
> > > > message can get through to the mailing list cleanly
> > >
> > >--
> > > Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
> > > EnterpriseDB
>http://www.enterprisedb.com
> > >
> > > + If your life is a hard drive, Christ can be your backup. +
> > >
> > >---------------------------(end of
>broadcast)---------------------------
> > >TIP 7: You can help support the PostgreSQL project by donating at
> > >
> > > http://www.postgresql.org/about/donate
> >
> > _________________________________________________________________
> > Najdete si svou lasku a nove pratele na Match.com. http://www.msn.cz/
>
>--
> Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
> EnterpriseDB http://www.enterprisedb.com
>
> + If your life is a hard drive, Christ can be your backup. +
_________________________________________________________________
Najdete si svou lasku a nove pratele na Match.com. http://www.msn.cz/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2007-04-07 17:51:10 | Re: LIMIT/SORT optimization |
| Previous Message | Tom Lane | 2007-04-07 17:38:30 | Re: simply custom variables protection |