Re: Updates of SE-PostgreSQL 8.4devel patches (r1710)

From: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
To: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>
Cc: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, Joshua Brindle <method(at)manicmethod(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>, Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1710)
Date: 2009-03-11 09:17:18
Message-ID: 49B7819E.2000101@kaigai.gr.jp
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Heikki Linnakangas wrote:
> KaiGai Kohei wrote:
>> * ACL_SELECT_FOR_UPDATE has same value with ACL_UPDATE, so SE-PostgreSQL
>> checks db_table:{update} permission on SELECT ... FOR SHARE OF,
>> instead of db_table:{lock} permission.
>
> This again falls into the category of trying to have more fine-grained
> permissions than vanilla PostgreSQL has. Just give up on the lock
> permission, and let it check update permission instead. Yes, it can be
> annoying that you need update-permission to do SELECT FOR SHARE, but
> that's an existing problem and not in scope for this patch.

Can I consider the term of "problem" means it can be resolved
in the future (v8.5, if possible) version?

--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Heikki Linnakangas 2009-03-11 09:25:31 Re: Updates of SE-PostgreSQL 8.4devel patches (r1710)
Previous Message Heikki Linnakangas 2009-03-11 08:44:10 Re: Updates of SE-PostgreSQL 8.4devel patches (r1710)