From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
---|---|
To: | Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec> |
Cc: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Robert Haas <robertmhaas(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [PATCH] Largeobject access controls |
Date: | 2009-09-24 06:26:00 |
Message-ID: | 4ABB10F8.801@ak.jp.nec.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Jaime Casanova wrote:
> 2009/9/24 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
>> Example)
>> postgres=# SET SESSION AUTHORIZATION ymj;
>> SET
>> postgres=> SELECT loread(lo_open(16453, x'40000'::int), 20);
>> ERROR: permission denied for largeobject 16453
>>
>> postgres=# SET largeobject_compat_acl = on; <---- enables compatible mode
>> SET (Only superuser can set it)
>> postgres=# SET SESSION AUTHORIZATION ymj;
>> SET
>> postgres=> SELECT loread(lo_open(16453, x'40000'::int), 20);
>> NOTICE: permission denied for largeobject 16453 <---- dose not prevent it
>
> i'm not really sure the warnings are worth the trouble but if you want
> to do it then the NOTICE version should use another message... i'm not
> comfortable with a "permission denied" that is simply ignored...
It is not a significant issue whether the compatible mode allows users
to bypass ACL checks with or without any notifications.
Which is the preferable one?
1. It always generates notifications whenever access violations.
2. It generates notifications at the first violation only.
3. It never generates notifications.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
From | Date | Subject | |
---|---|---|---|
Next Message | Fujii Masao | 2009-09-24 08:20:56 | Re: Streaming Replication patch for CommitFest 2009-09 |
Previous Message | KaiGai Kohei | 2009-09-24 06:16:46 | Re: [PATCH] Largeobject access controls |