Re: allowing privileges on untrusted languages

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: allowing privileges on untrusted languages
Date: 2013-03-27 20:27:43
Message-ID: 5153563F.4040706@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 1/19/13 8:45 AM, Kohei KaiGai wrote:
> I think, it is a time to investigate separation of database superuser privileges
> into several fine-grained capabilities, like as operating system doing.
> https://github.com/torvalds/linux/blob/master/include/uapi/linux/capability.h

The Linux capabilities system exists because there is no normal file
system object to attach the privileges to. If there were
/dev/somethings for all of these things, there would not no need for the
capabilities thing.

In this case, the privileges system already exists. We just need to use it.

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2013-03-27 20:35:00 Re: replace plugins directory with GUC
Previous Message Peter Eisentraut 2013-03-27 20:22:53 Re: allowing privileges on untrusted languages