Re: Updates of SE-PostgreSQL 8.4devel patches - Mailing list pgsql-hackers
| From | KaiGai Kohei |
|---|---|
| Subject | Re: Updates of SE-PostgreSQL 8.4devel patches |
| Date | |
| Msg-id | 48F71E36.9010203@ak.jp.nec.com Whole thread Raw |
| In response to | Re: Updates of SE-PostgreSQL 8.4devel patches (KaiGai Kohei <kaigai@ak.jp.nec.com>) |
| Responses |
Updates of SE-PostgreSQL 8.4devel patches (r1155)
|
| List | pgsql-hackers |
KaiGai Kohei wrote: > Bruce Momjian wrote: >> KaiGai Kohei wrote: >>> Bruce Momjian wrote: >>>> I think we could use row-level access control to prevent people from >>>> seeing databases they should not see in pg_database. >>> The row-level database ACL which I submitted yesterdat does not allow >>> to assign ACLs to tuples within system catalogs (like pg_database), >>> because it is unclear who should be the owner of tuples. >>> >>> As I noted at the previous message, it considers the owner of the table >>> as the owner of the tuples due to several reasons. However, some of >>> system >>> catalogs have its owner field like "pg_proc.proowner". >>> This limitation is not a fundamental one, so we can remove it soon. >>> >>> But, who should be the owner of tuples within system catalogs which have >>> some kind of "owner" field. >> >> The Postgres super-user should be the owner of all system tables. > > OK, I'll update it soon. I updates my patches: [1/6] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1130.patch [2/6] http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r1130.patch [3/6] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1130.patch [4/6] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1130.patch [5/6] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1130.patch [6/6] http://sepgsql.googlecode.com/files/sepostgresql-row_acl-8.4devel-3-r1130.patch List of updates: - Fixbug: security identifier was not handled correctly on TOAST table when we repeat to enable/disable the securityfeature. - RowACL: remove limitation on system catalogs - RowACL: the default behavior is changed when we access tuples with no row-level ACL. The previous version appliesACL inherited from its table, but the newer one allows anything to public, because the previousbehavior makes problem when you restrict access via VIEWs. - RowACL: bugfix when we provide an empty string as a new row-level ACL. * An example to limit the list of pg_database [kaigai@saba ~]$ psql postgres psql (8.4devel) Type "help" for help. postgres=# CREATE DATABASE test1; CREATE DATABASE postgres=# CREATE DATABASE test2; CREATE DATABASE postgres=# CREATE DATABASE test3; CREATE DATABASE postgres=# UPDATE pg_database SET tuple_acl = '{ymj=r/kaigai}' WHERE datname like 'test%'; UPDATE 3 postgres=# UPDATE pg_database SET tuple_acl = rowacl_revoke(tableoid, tuple_acl, 'ymj', 'all') WHERE datname= 'test2'; UPDATE 1 postgres=# \l List of databases Name | Owner | Encoding | Collation | Ctype | Access Privileges -----------+--------+----------+-------------+-------------+------------------------------- postgres | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | template0 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | {=c/kaigai,kaigai=CTc/kaigai}template1 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | {=c/kaigai,kaigai=CTc/kaigai} test1 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | test2 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | test3 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | (6 rows) postgres=# \q (*) kaigai (superuser) can see test1, test2 and test3. [kaigai@saba ~]$ psql -Uymj postgres psql (8.4devel) Type "help" for help. postgres=> \l List of databases Name | Owner | Encoding | Collation | Ctype | Access Privileges -----------+--------+----------+-------------+-------------+------------------------------- postgres | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | template0 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | {=c/kaigai,kaigai=CTc/kaigai}template1 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | {=c/kaigai,kaigai=CTc/kaigai} test1 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | test3 | kaigai | UTF8 | en_US.UTF-8 | en_US.UTF-8 | (5 rows) (*) ymj (normal user) cannot see test2 because kaigai revoked it. Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@ak.jp.nec.com>
pgsql-hackers by date: