Re: pgaudit - an auditing extension for PostgreSQL

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, MauMau <maumau307(at)gmail(dot)com>, Abhijit Menon-Sen <ams(at)2ndquadrant(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Fabrízio de Royes Mello <fabriziomello(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Ian Barwick <ian(at)2ndquadrant(dot)com>
Subject: Re: pgaudit - an auditing extension for PostgreSQL
Date: 2014-12-22 13:05:57
Message-ID: CA+TgmoYeeAWDoyBaBAmNFJbivZ9FO=nK-4WZDVdJxBNthKBFrA@mail.gmail.com
Lists: pgsql-hackers

On Tue, Dec 16, 2014 at 1:28 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> The magic "audit" role has SELECT rights on a given table. When any
> user does a SELECT against that table, ExecCheckRTPerms is called and
> there's a hook there which the module can use to say "ok, does the audit
> role have any permissions here?" and, if the result is yes, then the
> command is audited. Note that this role, from core PG's perspective,
> wouldn't be special at all; it would just be that pgaudit would use the
> role's permissions as a way to figure out if a given command should be
> audited or not.

This is a little weird because you're effectively granting an
anti-permission. I'm not sure whether that ought to be regarded as a
serious problem, but it's a little surprising.

Also, what makes the "audit" role magical?

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
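
The check described in the quoted proposal can be previewed from SQL. This is an added example, not code from the thread or from pgaudit: the role names `audit` and `app_user` and the two tables are assumptions, and the `would_be_audited` column only mirrors the rule "does the audit role have any permissions here?" as stated above.

```sql
-- Constructed setup: all role and table names are hypothetical.
CREATE ROLE audit NOLOGIN;      -- holds only "audit this" grants, never logs in
CREATE ROLE app_user LOGIN;

CREATE TABLE accounts (id int PRIMARY KEY, owner text, balance numeric);
CREATE TABLE scratch  (id int PRIMARY KEY, note text);

-- Ordinary access grants for the application role.
GRANT SELECT, UPDATE ON accounts TO app_user;
GRANT SELECT, INSERT ON scratch  TO app_user;

-- Audit policy expressed as grants to the audit role. These give app_user
-- no access; under the proposal they only mark statements for logging.
GRANT SELECT, UPDATE ON accounts TO audit;

-- For each table and privilege, compare what app_user may do with what the
-- proposed check (audit role holds the privilege) would flag for auditing.
SELECT c.relname,
       p.priv,
       has_table_privilege('app_user'::name, c.oid, p.priv) AS app_user_allowed,
       has_table_privilege('audit'::name,    c.oid, p.priv) AS would_be_audited
FROM   pg_class c
CROSS  JOIN (VALUES ('SELECT'), ('INSERT'), ('UPDATE'), ('DELETE')) AS p(priv)
WHERE  c.relname IN ('accounts', 'scratch')
AND    c.relkind = 'r'
ORDER  BY c.relname, p.priv;

-- The grants to audit are real privileges as far as core PostgreSQL is
-- concerned, so any role that is a member of audit can use them.
-- List the members so that the set can be reviewed and kept empty.
SELECT r.rolname AS member_of_audit
FROM   pg_auth_members m
JOIN   pg_roles r ON r.oid = m.member
WHERE  m.roleid = (SELECT oid FROM pg_roles WHERE rolname = 'audit');
```

With this setup the first query reports `would_be_audited = true` only for SELECT and UPDATE on `accounts`, and the second query returns no rows.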
