Re: [PATCH] Largeobject access controls

Jaime,

KaiGai Kohei wrote:
| > ALTER LARGE OBJECT is working, but now that we can change the owner of
| > a LO we should be able to see who the actual owner is... i mean we
| > should add an owner column in \dl for psql (maybe \dl+) and maybe an
| > lo_owner() function.
|
| I would like to buy your idea at the revised patch.

Now we don't have xxx_owner() function for other database objects,
such as tables, procedures and so on.
I agree to enhance \dl command for psql, however, it seems to me
that using SELECT from system catalogs are normal manner in pgsql,
instead of lo_owner() function.

Jaime Casanova wrote:
>> Do you think the "largeobject_compat_acl" is a meaningful name, instead?
> 
> maybe something like "largeobject_security_controls"?

It is important to contain a term of "compat" which means compatible,
because this GUC does not disables all the security checks.
The v8.4.x checks superuser privilege on using lo_import()/lo_export().
It is also checked in this patch, even if the GUC is turned on.

The purpose of the GUC is to provide compatible behavior, not to provide
a stuff to turn on/off all the security features in largeobjects.

So, I still prefer the "largeobject_compat_acl".

Now, I'm revising the patch as follows:
- pg_largeobject_meta is renamed to pg_largeobject_metadata
- The GUC of largeobject_compat_dac is renamed to largeobject_compat_acl
- psql supports \dl to show owner of the largeobject
- add documentation for the GUC, and add it to the postgresql.conf.sample

Any comments?

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>