Stephen Frost wrote: > KaiGai, > > * KaiGai Kohei (kai...@ak.jp.nec.com) wrote: >> I began to describe the list of abstraction layer functions (but not >> completed yet): >> http://wiki.postgresql.org/wiki/SEPostgreSQL_Abstraction > > I'm not really a huge fan of 'security_' as a prefix for these > functions, but I don't have a better suggestion right now.
If so, 'pgsec_' (PostGresql SECutiry) instead? > The initial abstraction patch shouldn't include the security context > pieces. I realize that will be needed eventually, but the patch to do > the abstraction and to formally move permissions checking to aclchk.c > needs to stand alone. I'm also not sure that the API of having the > security context be returned as a Datum makes sense.. OK, I'll add pieces corresponding to the security context on the second patch (SE-PostgreSQL patch). > Doesn't security_table_permissions() need to know if the query is an > UPDATE or an INSERT? Either ACL_UPDATE or ACL_INSERT should be set on the required_perms. Both of them are never set in same time. Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kai...@ak.jp.nec.com> -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers