Re: [v9.1] Add security hook on initialization of instance

(2010/06/14 20:01), Stephen Frost wrote:
> * KaiGai Kohei (kaigai@ak.jp.nec.com) wrote:
>> The attached patch tries to add one more security hook on the
>> initialization of PostgreSQL instance (InitPostgres()).
>>
>> It gives the external security module a chance to initialize itself,
>> and acquire credential of the client.
>>
>> I assumed the best place to initialize the module is just after the
>> initialize_acl() invocation, if ESP is available.
>> We have not discussed about this hook yet. So, I'd like to see any
>> comments.
> 
> Aren't modules given a __PG_Init or something similar that they can
> define which will be called when the module is loaded..?
> 
I assume the security module shall be loaded within 'shared_preload_libraries',
because we can overwrite 'local_preload_libraries' (PGC_BACKEND) setting using
connection string, so it allows users to bypass security features, doesn't it?

Thanks,
-- 
KaiGai Kohei <kaigai@kaigai.gr.jp>