Re: [PATCH] Largeobject access controls

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: Jaime Casanova <jcasanov(at)systemguards(dot)com(dot)ec>
Cc: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Robert Haas <robertmhaas(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] Largeobject access controls
Date: 2009-09-24 06:26:00
Message-ID: 4ABB10F8.801@ak.jp.nec.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Jaime Casanova wrote:
> 2009/9/24 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
>> Example)
>> postgres=# SET SESSION AUTHORIZATION ymj;
>> SET
>> postgres=> SELECT loread(lo_open(16453, x'40000'::int), 20);
>> ERROR: permission denied for largeobject 16453
>>
>> postgres=# SET largeobject_compat_acl = on; <---- enables compatible mode
>> SET (Only superuser can set it)
>> postgres=# SET SESSION AUTHORIZATION ymj;
>> SET
>> postgres=> SELECT loread(lo_open(16453, x'40000'::int), 20);
>> NOTICE: permission denied for largeobject 16453 <---- dose not prevent it
>
> i'm not really sure the warnings are worth the trouble but if you want
> to do it then the NOTICE version should use another message... i'm not
> comfortable with a "permission denied" that is simply ignored...

It is not a significant issue whether the compatible mode allows users
to bypass ACL checks with or without any notifications.

Which is the preferable one?

1. It always generates notifications whenever access violations.
2. It generates notifications at the first violation only.
3. It never generates notifications.

Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Fujii Masao 2009-09-24 08:20:56 Re: Streaming Replication patch for CommitFest 2009-09
Previous Message KaiGai Kohei 2009-09-24 06:16:46 Re: [PATCH] Largeobject access controls