| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, PgSQL-Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: security hook on table creation |
| Date: | 2010-09-29 15:13:56 |
| Message-ID: | 20100929151356.GA26232@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
KaiGai,
* KaiGai Kohei (kaigai(at)kaigai(dot)gr(dot)jp) wrote:
> All the existing security checks applies before modifying system catalogs.
>
> At least, I cannot find out any constructive reason why we try to apply
> permission checks on object creation time with different manner towards
> the existing privilege mechanism...
The reason to do it was pretty clear- makes the code flow alot nicer and
make more sense. The existing checks aren't really doing the same thing
as this one, so I don't see that as a really good reason to contort the
code. The impression you gave is that you had a security concern
associated with this, if that's the case, please articulate what that
concern is and we can then address it. If you concern is just about
code clarity and flow, I think I'd have to vote with Robert on this one.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2010-09-29 15:24:55 | Re: operator dependency of commutator and negator |
| Previous Message | Kevin Grittner | 2010-09-29 15:10:58 | Re: git diff --patience |