| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: sepgsql contrib module |
| Date: | 2011-01-21 15:46:53 |
| Message-ID: | 10563.1295624813@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Jan 21, 2011 at 9:55 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> ALTER FUNCTION is supposed to cause plan invalidation in such a case.
>> Not sure if GRANT plays nice with that though.
> And in the case of SE-Linux, this could get changed from outside the
> database. Not sure how to handle that. I guess we could just never
> inline anything, but that might be an overreaction.
I think SELinux is just out of luck in that case. If it didn't refuse
execution permission at the time we checked before inlining (which we
do), it doesn't get to change its mind later.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2011-01-21 15:47:07 | Re: pg_dump directory archive format / parallel pg_dump |
| Previous Message | Magnus Hagander | 2011-01-21 15:43:12 | Re: More detailed auth info |