Re: sepgsql contrib module
От | Simon Riggs |
---|---|
Тема | Re: sepgsql contrib module |
Дата | |
Msg-id | 1293669276.1892.12475.camel@ebony обсуждение исходный текст |
Ответ на | Re: sepgsql contrib module (KaiGai Kohei <kaigai@kaigai.gr.jp>) |
Ответы |
Re: sepgsql contrib module
|
Список | pgsql-hackers |
On Thu, 2010-12-30 at 09:26 +0900, KaiGai Kohei wrote: > > What happens if someone alters the configuration so that the sepgsql > > plugin is no longer installed. Does the hidden data become visible? > > > Yes. If sepgsql plugin is uninstalled, the hidden data become visible. > But no matter. Since only a person who is allowed to edit postgresql.conf > can uninstall it, we cannot uninstall it in run-time. > (An exception is loading a malicious module, but we will be able to > hook this operation in the future version.) IMHO all security labels should be invisible if the provider is not installed correctly. That at least prevents us from accidentally de-installing a module and having top secret data be widely available. If you have multiple providers configured, you need to be careful not to allow a provider that incorrectly implements the plugin API, so that prior plugins are no longer effective. -- Simon Riggs http://www.2ndQuadrant.com/books/PostgreSQL Development, 24x7 Support, Training and Services
В списке pgsql-hackers по дате отправления: