Re: [v9.1] Add security hook on initialization of instance

(2010/06/14 21:15), Robert Haas wrote:
> 2010/6/14 KaiGai Kohei<kaigai(at)kaigai(dot)gr(dot)jp>:
>> (2010/06/14 20:01), Stephen Frost wrote:
>>> * KaiGai Kohei (kaigai(at)ak(dot)jp(dot)nec(dot)com) wrote:
>>>> The attached patch tries to add one more security hook on the
>>>> initialization of PostgreSQL instance (InitPostgres()).
>>>>
>>>> It gives the external security module a chance to initialize itself,
>>>> and acquire credential of the client.
>>>>
>>>> I assumed the best place to initialize the module is just after the
>>>> initialize_acl() invocation, if ESP is available.
>>>> We have not discussed about this hook yet. So, I'd like to see any
>>>> comments.
>>>
>>> Aren't modules given a __PG_Init or something similar that they can
>>> define which will be called when the module is loaded..?
>>>
>> I assume the security module shall be loaded within 'shared_preload_libraries',
>> because we can overwrite 'local_preload_libraries' (PGC_BACKEND) setting using
>> connection string, so it allows users to bypass security features, doesn't it?
>
> Yeah, but so what? Stephen's point is still valid.
>
On the hook, I'd like to obtain security context of the client process
which connected to the PostgreSQL instance. It is not available at the
_PG_init() phase, because clients don't connect yet.

Thanks,
--
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>