From: | Mohammed Ajil <ajilm(at)student(dot)ethz(dot)ch> |
---|---|
To: | <pgsql-general(at)postgresql(dot)org> |
Subject: | Getting the function definition from oid in before firing the function |
Date: | 2016-01-05 14:13:08 |
Message-ID: | 568BCF74.4000101@student.ethz.ch |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Dear Postgres Team,
For my thesis about secure access control for database systems I need to
implement a new decision algorithm for deciding if commands can be
executed. For that algorithm to work I need to keep a stack that holds
all the commands that are currently running, like a stacktrace.
Each stack entry should contain the following:
- Session user
- User that runs the command (differs if we have security definer on
triggers)
- Command
- Oid of trigger (if it is one)
Now my problem consists of two steps:
- First I need to decide if the algorithm supports the trigger type
(only of LANGUAGE PLPGSQL).
- Second I need to get the SQL command that the function will execute.
What I tried was the following:
In the file trigger.c I have found the location where the function is
called. There I have access to the FunctionCallInfoData struct.
I have seen on
http://www.postgresql.org/docs/9.4/static/functions-info.html that there
is a function which should return the functions definition as a Datum
from the function oid. Now this is a bit weird since in the source code
the function expects a pointer to a FunctionCallInfoData struct, which
is no problem since I have access to both there.
But when I pass the the pointer to the FunctionCallInfoData I always get
an error stating that the cache lookup failed. I really don't know why,
since when I investigate the struct fcinfo in gdb it has valid entries
and also the oid of the function is accessible.
I would be glad for some help here.
Also another problem that I have at the moment is the following:
My advisor wanted to have a uniform interface for access control, thus I
have refactored the code of postgres and moved the relevant access
control parts to a new module (src/backend/access_control). Now I have
put the header files in src/include/access_control. What I don't quite
get is how to get make a Makefile that delivers the object files as
postgres needs them to link them to the main binary. Is it enough to
make a Makefile that just creates the object files and leaves them in
the correct folder for the root Makefile to pick them up or do I need to
modify the root Makefile too?
Thank you very much for your help in advance, for both problems I have
tried many variations and researched quite much, but did not find a
solution.
Kind regards,
Mohammed Ajil
--
--------------------------------------------
Mohammed Ajil
Bsc CS D-INFK
ajilm(at)student(dot)ethz(dot)ch
From | Date | Subject | |
---|---|---|---|
Next Message | Adrian Klaver | 2016-01-05 14:58:46 | Re: Please help! Server process was terminated by signal 11: Segmentation fault |
Previous Message | George Woodring | 2016-01-05 14:04:13 | Re: SSL connection issue via perl |