Re: Reimplementing permission checks for rules

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Reimplementing permission checks for rules
Date: 2000-09-27 10:41:52
Message-ID: Pine.LNX.4.21.0009262329210.515-100000@peter
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Tom Lane writes:

> What I'm thinking about doing is eliminating the "skipAcl" RTE field
> and instead adding an Oid field named something like "checkAclAs".
> The semantics of this field would be "if zero, check access permissions
> for this table using the current effective userID; but if not zero,
> check access permissions as if you are this userID". Then the rule
> rewriter would do no access permission checks of its own, but would
> set this field appropriately in RTEs that it adds to queries. All the
> actual permissions checking would happen in one place in the executor.

I like it.

--
Peter Eisentraut peter_e(at)gmx(dot)net http://yi.org/peter-e/

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2000-09-27 10:42:15 Re: Reimplementing permission checks for rules
Previous Message Peter Eisentraut 2000-09-27 10:26:18 There's the rub... (a meta note)