(2010/12/14 12:53), Robert Haas wrote:
> 2010/12/13 KaiGai Kohei<kaigai@ak.jp.nec.com>:
>> (2010/12/14 12:10), Robert Haas wrote:
>>> 2010/12/13 KaiGai Kohei<kaigai@ak.jp.nec.com>:
>>>> The starter version is not intended to use in production system,
>>>
>>> Well, what's the point, then? I thought we had enough infrastructure
>>> in place at this point to build a simple system that, while it
>>> wouldn't meet every use case, would be useful to some people for
>>> limited purposes. If that's not the case, I'm disappointed.
>>>
>> The point is performance is not first priority right now.
>> I guess its performance does not become a major issue, because lack
>> of some features (such as DDL, row-level) are more glaring than its
>> performance.
>> It is an independent topic whether it is useful for limited purpose,
>> or not. For example, when existing permission checks disallow all
>> the DDL commands from web-applications anyway, it will achieve an
>> expected role.
>
> But you could also install a control into ProcessUtility_hook, right?
Yes, it may be an option to get control DDL statement, although it is
not fine-grained. Of course, we have a trade-off to the scale of patch.
> Saying, for example, you must have we_trust_you_a_lot_t to do any DDL?
No. Right now, it does not check anything on DDL commands, so all the
clients (independent from its security label) are allowed to run any
DDL commands, as long as existing permission allows it.
Thanks,
--
KaiGai Kohei <kaigai@ak.jp.nec.com>