From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Cc: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, bruce(at)momjian(dot)us, tgl(at)sss(dot)pgh(dot)pa(dot)us, simon(at)2ndQuadrant(dot)com |
Subject: | Updates of SE-PostgreSQL 8.4devel patches (r1348) |
Date: | 2008-12-25 11:34:48 |
Message-ID: | 49536FD8.9090502@ak.jp.nec.com |
Lists: | pgsql-hackers |

I updated the patch set of SE-PostgreSQL and related stuff (r1348)

[1/5] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1348.patch
[2/5] http://sepgsql.googlecode.com/files/sepostgresql-utils-8.4devel-3-r1348.patch
[3/5] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1348.patch
[4/5] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1348.patch
[5/5] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1348.patch

Draft of the SE-PostgreSQL documentation is here:
http://wiki.postgresql.org/wiki/SEPostgreSQL
(It also should be updated for the recent changes...)

List of updates:

- The patches are rebased to the latest CVS HEAD.
  Currently, previous ones (r1324) are not suitable for this.
- It puts a copied relkind value on pg_attribute.attkind.
  This change makes it possible to reduce per-tuple lookups for RELOID,
  and improves the robustness of the security model.
- bugfix: heap_getsysattr() could return NULL when the enhanced
  security feature is disabled. It is fixed to return an
  alternative label/default acl.
- errcode_for_file_access() is applied on filesystem related
  errors, instead of ERRCODE_SELINUX_ERROR.
- Reloptions related code for the Row-level ACLs feature is flattened.
  Now it invokes rowaclXXX() without PGACE hooks, because there is
  an active effort to support various kinds of reloptions now.
- The "default_row_acl" got stored as text representation due to
  incorrect table dump. (We should not put it as security id.)
- bugfix: Makefile in src/test/sepgsql

Request for comments:

The current heap_reloptions() requires the reloption parser not to
raise an error when validate = false.
However, this becomes a problem when we store "default_row_acl" as
an entry of reloptions. The input handler of AclItem[] can raise
an error if the given input string has an invalid format or invalid users.

What solutions can be considered?

- Implement its own AclItem[] parser which does not raise an
  error on validate = false.
- Set dependencies on users which appear in default Row-ACLs.
- Remove the default Row-level ACLs feature.
- Any other idea?

And, I have a question.
Is the new reloption framework designed to store strings?
The latest one supports Bool, Int and Real, doesn't it?

Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
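
An added illustration of the first option raised in the message above (a parser that does not raise when validate = false); it is not part of the original message or of the SE-PostgreSQL patches. It assumes a simplified `grantee=privs/grantor` item format with only the privilege letters r, w and d, and `known_roles`, `parse_acl_item` and `parse_default_row_acl` are hypothetical names, with a constructed role list standing in for the catalog.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

typedef enum { ACL_OK, ACL_BAD_FORMAT, ACL_UNKNOWN_ROLE } acl_status;
/* Constructed stand-in for the role catalog (assumption). */
static const char *known_roles[] = { "alice", "bob", NULL };

static bool role_exists(const char *name, size_t len) {
    for (int i = 0; known_roles[i]; i++)
        if (strlen(known_roles[i]) == len && !strncmp(known_roles[i], name, len))
            return true;
    return false;
}

/* Check one "grantee=privs/grantor" item; returns a status, never raises. */
static acl_status parse_acl_item(const char *s, size_t len) {
    const char *end = s + len, *eq = memchr(s, '=', len), *slash;
    if (!eq) return ACL_BAD_FORMAT;
    slash = memchr(eq + 1, '/', (size_t)(end - (eq + 1)));
    if (!slash || slash == eq + 1 || slash + 1 == end) return ACL_BAD_FORMAT;
    for (const char *p = eq + 1; p < slash; p++)
        if (!strchr("rwd", *p)) return ACL_BAD_FORMAT; /* simplified privilege set */
    if (eq != s && !role_exists(s, (size_t)(eq - s))) /* empty grantee = public */
        return ACL_UNKNOWN_ROLE;
    return role_exists(slash + 1, (size_t)(end - slash - 1)) ? ACL_OK : ACL_UNKNOWN_ROLE;
}

/* validate=true: stop at the first bad item and return -1 (caller would raise).
 * validate=false: skip bad items, return how many are usable; never fails. */
static int parse_default_row_acl(const char *text, bool validate, acl_status *first_err) {
    int accepted = 0;
    *first_err = ACL_OK;
    while (*text) {
        size_t len = strcspn(text, ",");
        acl_status st = parse_acl_item(text, len);
        if (st == ACL_OK) accepted++;
        else if (*first_err == ACL_OK) *first_err = st;
        if (st != ACL_OK && validate) return -1;
        text += len + (text[len] == ',');
    }
    return accepted;
}

int main(void) {
    acl_status err; /* constructed value: role "carol" no longer exists */
    int n = parse_default_row_acl("alice=rw/bob,carol=r/bob,=r/alice", false, &err);
    printf("usable items: %d, first error: %d\n", n, (int)err);
    return 0;
}
```

Skipping an entry whose role no longer exists silently narrows the stored default ACL, so a caller taking this route would want to log `first_err` rather than discard it.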