Re: Granting SET and ALTER SYSTE privileges for GUCs

From: Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>
To: Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Jeff Davis <pgsql(at)j-davis(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <joe(at)crunchydata(dot)com>
Subject: Re: Granting SET and ALTER SYSTE privileges for GUCs
Date: 2021-12-15 15:56:12
Message-ID: 2D6C1081-DB7D-4260-8987-5B4912E95917@enterprisedb.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> On Dec 14, 2021, at 2:26 PM, Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com> wrote:
>
> currently there is a failure in check-world (not sure if it's known):

That one is definitely my fault. 'en_US.UTF-8' exists on my platform, so I hadn't noticed. I've changed it to use 'C', which should be portable.

> One thing that seems like an omission to me is the absence of a
> InvokeObjectPostAlterHook in pg_setting_acl_aclcheck or
> pg_setting_acl_aclmask so that MAC extensions can also block this,
> InvokeObjectPostCreateHook is already in the create path so a
> PostAlter hook seems appropriate.

Good catch, but that seems like a strange place to put a PostAlterHook, so I added it to ExecGrant_Setting for v6, instead. This seems more consistent with the hook in SetDefaultACL.

(If you are really trying to do Managed Access Control (MAC), wouldn't that be a separate patch which adds security hooks into all *_aclcheck functions?)

Attachment Content-Type Size
v6-0001-Allow-GRANT-of-SET-and-ALTER-SYSTEM-SET-for-gucs.patch application/octet-stream 206.1 KB

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Brar Piening 2021-12-15 15:59:19 Re: Add id's to various elements in protocol.sgml
Previous Message Mikael Kjellström 2021-12-15 15:47:14 Re: conchuela has some SSL issues