| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: ExecutorCheckPerms() hook |
| Date: | 2010-05-25 03:16:39 |
| Message-ID: | AANLkTikkRInxeoTFmsw707WvvPjW4v6Q9CZhS4Gt-Aeo@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
2010/5/24 KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>:
> I think we need a new SPI_*() interface which allows to run the given query
> without any permission checks, because these queries are purely internal stuff,
> so we can trust the query is harmless.
[...]
> I'm afraid of that the src/backend/catalog/aclchk.c will become overcrowding
> in the future. If it is ugly to deploy checker functions in separated dir/files,
> I think it is an idea to put it on the execMain.c, instead of ExecCheckRTEPerms().
Both of these are bad ideas, for reasons Stephen Frost has articulated well.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2010-05-25 03:19:06 | Re: ExecutorCheckPerms() hook |
| Previous Message | KaiGai Kohei | 2010-05-25 02:56:40 | Re: ExecutorCheckPerms() hook |