Re: [v9.2] Fix Leaky View Problem
| От | Kohei KaiGai |
|---|---|
| Тема | Re: [v9.2] Fix Leaky View Problem |
| Дата | |
| Msg-id | CADyhKSXWM86V7v17zeTVhZ+Sfu+pDjeNA78D5UwYrVZrY=uC1A@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [v9.2] Fix Leaky View Problem (Thom Brown <thom@linux.com>) |
| Ответы |
Re: [v9.2] Fix Leaky View Problem
|
| Список | pgsql-hackers |
2011/9/7 Thom Brown <thom@linux.com>: > On 24 August 2011 13:38, Kohei Kaigai <Kohei.Kaigai@emea.nec.com> wrote: >> >> The (2) is new stuff from the revision in commit-fest 1st. It enables to >> supply "NOLEAKY" option on CREATE FUNCTION statement, then the function is >> allowed to distribute across security barrier. Only superuser can set this >> option. > > "NOLEAKY" doesn't really sound appropriate as it sounds like pidgin English. > Also, it could be read as "Don't allow leaks in this function". Could we > instead use something like TRUSTED or something akin to it being allowed to > do more than safer functions? It then describes its level of behaviour > rather than what it promises not to do. > Thanks for your comment. I'm not a native English specker, so it is helpful. "TRUSTED" sounds meaningful for me, however, it is confusable with a concept of "trusted procedure" in label-based MAC. It is not only SELinux, Oracle's label based security also uses this term to mean a procedure that switches user's credential during its execution. http://download.oracle.com/docs/cd/B28359_01/network.111/b28529/storproc.htm So, how about "CREDIBLE", instead of "TRUSTED"? Thanks, -- KaiGai Kohei <kaigai@kaigai.gr.jp>
В списке pgsql-hackers по дате отправления: