| From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
| Subject: | Re: [0/4] Proposal of SE-PostgreSQL patches |
| Date: | 2008-05-30 06:08:56 |
| Message-ID: | 483F99F8.9080909@ak.jp.nec.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Tom Lane wrote:
> The idea of input functions that alter system tables scares me.
An example:
SELECT 'system_u:object_r:sepgsql_table_t:SystemHigh'::security_label;
can insert a new tuple into pg_security, but it is not a desirable behavior.
To fix this, I'll remove security_label type and define "security_context"
system column as a text type column, and translate the contents into
an internal identifical representation just before update or insert a tuple.
It enables to avoid to insert a temporary used (unnecessary) security context,
and enables to use various kind of text functions.
Please comment it, if you have anything.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gurjeet Singh | 2008-05-30 07:01:46 | Re: Core team statement on replication in PostgreSQL |
| Previous Message | Tom Lane | 2008-05-30 05:10:20 | Re: Core team statement on replication in PostgreSQL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Florian G. Pflug | 2008-05-30 08:42:34 | Re: Hint Bits and Write I/O |
| Previous Message | Tom Lane | 2008-05-29 22:48:35 | Re: minor change to replace function comment |