From: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, PgHacker <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: sepgsql contrib module |
Date: | 2011-01-21 16:00:41 |
Message-ID: | AANLkTikF=9KOeUQtdvMajvdDvXAc=t49de3v5rm8KEdF@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
2011/1/22 Robert Haas <robertmhaas(at)gmail(dot)com>:
> On Fri, Jan 21, 2011 at 10:46 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Robert Haas <robertmhaas(at)gmail(dot)com> writes:
>>> On Fri, Jan 21, 2011 at 9:55 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>>> ALTER FUNCTION is supposed to cause plan invalidation in such a case.
>>>> Not sure if GRANT plays nice with that though.
>>
>>> And in the case of SE-Linux, this could get changed from outside the
>>> database. Not sure how to handle that. I guess we could just never
>>> inline anything, but that might be an overreaction.
>>
>> I think SELinux is just out of luck in that case. If it didn't refuse
>> execution permission at the time we checked before inlining (which we
>> do), it doesn't get to change its mind later.
>
> Seems reasonable to me, if it works for KaiGai.
>
I assume users of SE-PostgreSQL put their first priority on security,
not best-performance. So, I also think it is reasonable to kill a part of
optimization for the strict security checks.
Here is one request for the hook.
needs_fmgr_hook() is called by fmgr_info_cxt_security() and routines
to inline. I need a flag to distinct these cases, because we don't need
to invoke all the functions via fmgr_security_definer(), even if it never
allows to inline.
Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
From | Date | Subject | |
---|---|---|---|
Next Message | Garick Hamlin | 2011-01-21 16:00:54 | Re: One Role, Two Passwords |
Previous Message | Robert Haas | 2011-01-21 15:57:23 | Re: review: FDW API |