| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
| Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, MauMau <maumau307(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org, Fabrízio de Royes Mello <fabriziomello(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Ian Barwick <ian(at)2ndquadrant(dot)com> |
| Subject: | Re: pgaudit - an auditing extension for PostgreSQL |
| Date: | 2014-12-18 14:06:12 |
| Message-ID: | 20141218140611.GO25679@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Abhijit,
* Abhijit Menon-Sen (ams(at)2ndQuadrant(dot)com) wrote:
> At 2014-12-16 13:28:07 -0500, sfrost(at)snowman(dot)net wrote:
> >
> > The magic "audit" role has SELECT rights on a given table. When any
> > user does a SELECT against that table, ExecCheckRTPerms is called and
> > there's a hook there which the module can use to say "ok, does the
> > audit role have any permissions here?" and, if the result is yes, then
> > the command is audited.
>
> You're right, I did not understand that this is what you were proposing,
> and this is not what the code does. I went back and read your original
> description, and it seems I implemented only the subset I understood.
>
> I'll look into changing the code sometime next week.
Ok, great, thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2014-12-18 14:08:35 | Re: Function to know last log write timestamp |
| Previous Message | Robert Haas | 2014-12-18 13:56:56 | Re: Proposal: Log inability to lock pages during vacuum |