| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PgHacker <pgsql-hackers(at)postgresql(dot)org>, Florian Pflug <fgp(at)phlo(dot)org> |
| Subject: | Re: User-Id Tracking when Portal was started |
| Date: | 2012-07-04 19:44:41 |
| Message-ID: | CA+TgmoZiHtC_HuETFd=QsKXh7ydcN9s1HWAL+8vG+2hndkxy1Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jul 3, 2012 at 12:46 PM, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> wrote:
>> My point is that it seems like a bug that the secContext gets restored
>> in one case and not the other, depending on which user ID was specified
>> in SET SESSION AUTHORIZATION.
>>
> Sorry, the above description mention about a case when it does not use
> the marker to distinguish a case to switch user-id from a case not to switch.
> (I though I was asked the behavior if this logic always switches /
> restores ids.)
>
> The patch itself works correctly, no regression test failed even though
> several tests switches user-id using SET SESSION AUTHORIZATION.
I don't believe that proves anything. There are lots of things that
aren't tested by the regression tests, and there's no guarantee that
any you've added cover all bases, either. We always treat user-ID and
security context as a unit; you haven't given any reason why this case
should be handled differently, and I bet it shouldn't.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2012-07-04 19:58:27 | Re: Posix Shared Mem patch |
| Previous Message | Robert Haas | 2012-07-04 19:41:42 | Re: WIP patch for Todo Item : Provide fallback_application_name in contrib/pgbench, oid2name, and dblink |