Re: sepgsql contrib module
| От | Robert Haas |
|---|---|
| Тема | Re: sepgsql contrib module |
| Дата | |
| Msg-id | AANLkTin3wQ3QBqEunLE+Cjw9VvbOt1S_EOzm-ut_PoPg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: sepgsql contrib module (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: sepgsql contrib module
Re: sepgsql contrib module |
| Список | pgsql-hackers |
On Fri, Jan 21, 2011 at 9:55 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Robert Haas <robertmhaas@gmail.com> writes: >> For that matter, I wonder what happens with regular function >> permissions. If the plan inlines the function and then somebody goes >> and changes the permission on the function and makes it SECURITY >> DEFINER, what happens? > > ALTER FUNCTION is supposed to cause plan invalidation in such a case. > Not sure if GRANT plays nice with that though. And in the case of SE-Linux, this could get changed from outside the database. Not sure how to handle that. I guess we could just never inline anything, but that might be an overreaction. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: