| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
| Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) |
| Date: | 2008-11-07 21:51:48 |
| Message-ID: | 20081107215148.GA11469@svana.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Nov 07, 2008 at 01:50:18PM +0000, Simon Riggs wrote:
> How will unique indexes work? Do you implicitly add security context as
> last column on every unique index, or does the uniqueness violation only
> occurs within security contexts, or does the uniqueness violation tested
> against all contextx that the inserter can currently see? Is there a
> change to system catalogs?
The wiki clearly states that the unique test is prior to any filtering.
Anything else seems crazy to me.
http://wiki.postgresql.org/wiki/SEPostgreSQL#Unique_constraint
> Foreign Key deletions could be handled correctly if you treat them as
> updates. If we have the following example
Why? If a client does a delete and the database says OK, the tuple
should be gone, *for everyone*.
http://wiki.postgresql.org/wiki/SEPostgreSQL#Foreign_Key_constraint
It is the responsibility of the DB administrator to worry about covert
channels.
Have a nice day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> Please line up in a tree and maintain the heap invariant while
> boarding. Thank you for flying nlogn airlines.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-11-07 21:52:03 | Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) |
| Previous Message | Tom Lane | 2008-11-07 21:45:27 | Re: TABLE command |