Re: Simplify ACL handling for large objects and removal of superuser() checks

From: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
To: Vaishnavi Prabakaran <vaishnaviprabakaran(at)gmail(dot)com>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Subject: Re: Simplify ACL handling for large objects and removal of superuser() checks
Date: 2017-09-26 01:45:09
Views: Raw Message | Whole Thread | Download mbox
Lists: pgsql-hackers

On Tue, Sep 26, 2017 at 9:04 AM, Vaishnavi Prabakaran
<vaishnaviprabakaran(at)gmail(dot)com> wrote:
> Yes, I did realize on further reading the patch and what led to the
> confusion is that in the 3rd patch , updated documentation(copied below)
> still says that reading from a descriptor opened with INV_WRITE is possible.
> I think we need some correction here to reflect the modified code behavior.
> + or other transactions. Reading from a descriptor opened with
> + <symbol>INV_WRITE</symbol> or <symbol>INV_READ</> <literal>|</>
> + <symbol>INV_WRITE</symbol> returns data that reflects all writes of
> + other committed transactions as well as writes of the current
> + transaction.

Indeed, you are right. There is an error here. This should read as
"INV_READ | INV_WRITE" only. Using "INV_WRITE" implies that reads
cannot happen.

Attachment Content-Type Size
0001-Remove-ALLOW_DANGEROUS_LO_FUNCTIONS-for-LO-related-s.patch application/octet-stream 2.3 KB
0002-Replace-superuser-checks-of-large-object-import-expo.patch application/octet-stream 4.5 KB
0003-Move-ACL-checks-for-large-objects-when-opening-them.patch application/octet-stream 18.2 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Amit Langote 2017-09-26 01:54:40 Re: Shaky coding for vacuuming partitioned relations
Previous Message Euler Taveira 2017-09-26 01:36:59 Re: Enhancements to passwordcheck