| From: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
|---|---|
| To: | PgHacker <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | [sepgsql 3/3] Add db_procedure:execute permission checks |
| Date: | 2013-01-15 20:46:46 |
| Message-ID: | CADyhKSXCQREbxZhfz-p2txu1WXpq+sVdJEF5Z71+rhyX3iV-YA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
This patch adds sepgsql support for permission checks almost
equivalent to the existing FUNCTION EXECUTE privilege.
This feature is constructed on new OAT_FUNCTION_EXEC event
type being invoked around pg_proc_aclcheck() except for cases
when function's permissions are checked during CREATE or
ALTER commands. (Extension can handle these cases on
OAT_POST_CREATE or OAT_POST_ALTER hooks if needed.)
This patch assumes db_schema:{search} patch is applied on top.
So, please also check the patches below...
https://commitfest.postgresql.org/action/patch_view?id=1003
https://commitfest.postgresql.org/action/patch_view?id=1065
Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
| Attachment | Content-Type | Size |
|---|---|---|
| sepgsql-v9.3-function-execute-permission.v1.patch | application/octet-stream | 22.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2013-01-15 20:50:09 | Re: pg_ctl idempotent option |
| Previous Message | Robert Haas | 2013-01-15 20:44:42 | Re: count(*) of zero rows returns 1 |