| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Cc: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: sepgsql contrib module |
| Date: | 2011-01-20 04:01:27 |
| Message-ID: | AANLkTi=yepQXdF6vs8ZeUbHST20D9P9kNDNqKCWunFCq@mail.gmail.com |
| Lists: | pgsql-hackers |
2011/1/19 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
>> And how about adding a
>> ProcessUtility_hook to trap evil non-DML statements that some
>> nefarious user might issue?
>>
> It seems reasonable to me as long as the number of controlled commands
> is limited. For example, the LOAD command may be a candidate for being
> controlled without exceptions.
> However, it will be tough work if the plug-in tries to parse and
> analyze supplied utility commands by itself.

I think the key is to either accept or reject the command based on
very simple criteria - decide based only on the command type, and
ignore its parameters.

> I uploaded my draft here.
> http://wiki.postgresql.org/wiki/SEPostgreSQL_Documentation
>
> If reasonable, I'll move them into *.sgml style.

I have yet to review that, but will try to get to it before too much
more time goes by.

> I may want to simplify the step to installation using an installer
> script.

OK, but let's get this nailed down as soon as possible. Tempus fugit.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
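
As an added illustration of the approach discussed in this message (not code from the thread, from sepgsql, or from PostgreSQL), the stand-alone C model below accepts or rejects a utility command from its type alone and never reads its parameters. The `Node`, `NodeTag` and `ProcessUtility_hook` definitions are simplified stand-ins for the server's types, `deny_by_type_utility`, `model_init` and `executed_count` are hypothetical names, and denial is returned as `false` where a real hook would raise an error.

```c
/* Stand-alone model: simplified stand-ins for PostgreSQL's Node, NodeTag and
 * ProcessUtility_hook, not the server's headers. All sample data is constructed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

typedef enum { T_LoadStmt, T_VacuumStmt, T_CreateStmt } NodeTag;
typedef struct Node { NodeTag type; const char *arg; } Node;

/* Reduced hook signature; false means "denied" (assumption of this model). */
typedef bool (*ProcessUtility_hook_type)(const Node *parsetree);
ProcessUtility_hook_type ProcessUtility_hook = NULL;
static ProcessUtility_hook_type next_ProcessUtility_hook = NULL;

static int executed;                    /* commands that reached execution */
static bool standard_ProcessUtility(const Node *parsetree) {
    (void) parsetree;
    executed++;
    return true;
}

/* Policy: decide from the command type alone; parameters are never read. */
static bool command_type_allowed(NodeTag tag) {
    switch (tag) {
        case T_LoadStmt: return false;  /* LOAD: denied without exceptions */
        default:         return true;   /* other utility commands pass */
    }
}

static bool deny_by_type_utility(const Node *parsetree) {
    if (!command_type_allowed(parsetree->type))
        return false;                   /* reject before anything runs */
    if (next_ProcessUtility_hook)       /* keep earlier plug-ins in the chain */
        return next_ProcessUtility_hook(parsetree);
    return standard_ProcessUtility(parsetree);
}

/* Plays the role of _PG_init(): save the previous hook, install ours. */
void model_init(void) {
    next_ProcessUtility_hook = ProcessUtility_hook;
    ProcessUtility_hook = deny_by_type_utility;
}
int executed_count(void) { return executed; }

int main(void) {
    Node load = { T_LoadStmt, "/tmp/constructed.so" }, vac = { T_VacuumStmt, "t1" };
    model_init();
    printf("LOAD=%d VACUUM=%d\n", ProcessUtility_hook(&load), ProcessUtility_hook(&vac));
    return 0;
}
```
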