I updated the patch set of SE-PostgreSQL and related stuff (r1348)
[1/5] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1348.patch
[2/5] http://sepgsql.googlecode.com/files/sepostgresql-utils-8.4devel-3-r1348.patch
[3/5] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1348.patch
[4/5] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1348.patch
[5/5] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1348.patch
Draft of the SE-PostgreSQL documentation is here: http://wiki.postgresql.org/wiki/SEPostgreSQL (It also should be
updatedfor the recent changes...)
List of updates:
- The patches are rebased to the latest CVS HEAD. Currently, previous ones (r1324) are not suitable for this.
- It put a copied relkind value on pg_attribute.attkind. This change enables to reduce per tuple lookups for RELOID,
andimprove robustness of security model.
- bugfix: heap_getsysattr() could return NULL, when enhanced security feature is disabled. It is fixed to return an
alternativelabel/default acl.
- errcode_for_file_access() is applied on filesystem related errors, instead of ERRCODE_SELINUX_ERROR.
- Reloptions related code for Row-level ACLs feature is flattened. Now it invokes rowaclXXX() without PGACE hooks,
becausethere is an active effort to support variable kind of reloptions now.
- The "default_row_acl" got stored as text represenation due to incorrect table dump. (We should not put it as security
id.)
- bugfix: Makefile in src/test/sepgsql
Request for comments:
The current heap_reloptions() requires reloption-parser not to
raise an error when validate = false.
However, it makes a matter when we store "default_row_acl" as
a entry of reloptions. The input handler of AclItem[] can raise
an error if given input string has invalid format or users.
What solutions can be considered?
- Implement its own AclItem[] parser which does not raise an error on validate = false.
- Set dependencies on users which appears in default Row-ACLs.
- Remove default Row-level ACLs feature.
- Any other idea?
And, I have a question.
Is the new reloption framework designed to store strings?
The latest one support Bool, Int and Real, doen't it?
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>