I updated the patch set of SE-PostgreSQL and related stuff (r1348)

[1/5] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1348.patch
[2/5] http://sepgsql.googlecode.com/files/sepostgresql-utils-8.4devel-3-r1348.patch
[3/5] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1348.patch
[4/5] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1348.patch
[5/5] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1348.patch

  Draft of the SE-PostgreSQL documentation is here:
    http://wiki.postgresql.org/wiki/SEPostgreSQL
    (It also should be updated for the recent changes...)

List of updates:
- The patches are rebased to the latest CVS HEAD.
  Currently, previous ones (r1324) are not suitable for this.
- It puts a copy of the relkind value in pg_attribute.attkind.
  This change makes it possible to reduce per-tuple lookups for
  RELOID, and improves the robustness of the security model.
- bugfix: heap_getsysattr() could return NULL when the enhanced
  security feature is disabled. It is fixed to return an
  alternative label/default acl.
- errcode_for_file_access() is applied on filesystem related
  errors, instead of ERRCODE_SELINUX_ERROR.
- Reloptions related code for Row-level ACLs feature is flattened.
  Now it invokes rowaclXXX() without PGACE hooks, because there is
  an active effort to support variable kind of reloptions now.
- The "default_row_acl" got stored as text representation due to
  incorrect table dump. (We should not put it as security id.)
- bugfix: Makefile in src/test/sepgsql

Request for comments:

The current heap_reloptions() requires the reloption parser not to
raise an error when validate = false.
However, this becomes a problem when we store "default_row_acl" as
an entry of reloptions. The input handler of AclItem[] can raise
an error if the given input string has an invalid format or users.

What solutions can be considered?
- Implement its own AclItem[] parser which does not raise an
  error on validate = false.
- Set dependencies on users which appear in default Row-ACLs.
- Remove default Row-level ACLs feature.
- Any other idea?

And, I have a question.
Is the new reloption framework designed to store strings?
The latest one supports Bool, Int and Real, doesn't it?

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kai...@ak.jp.nec.com>

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
