Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
Дата
Msg-id CAKFQuwbTnbvbbzc4XNnJn7a+cpzDJMjia0J-k6dk3C4xwk2ncQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?  (Nico Williams <nico@cryptonector.com>)
Ответы Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?  (Nico Williams <nico@cryptonector.com>)
Список pgsql-hackers
Дерево обсуждения
On Wed, Oct 18, 2017 at 2:08 PM, Nico Williams <nico@cryptonector.com> wrote:
On Wed, Oct 18, 2017 at 01:43:30PM -0700, David G. Johnston wrote:

More useful than this, for me, would be a way to get the top-most user.


​That would be "session_user"?​

> Introducing the concept of a stack at the SQL level here seems, at
> first glance, to be over-complicating things.

Because of the current implementation of invocation of SECURITY DEFINER
functions, a stack is trivial to build, since it's a list of nodes
allocated on the C stack in fmgr_security_definer().

​Not saying its difficult (or not) to code in C; but exposing that to SQL seems like a big step.

If I was in position to dive deeper I wouldn't foreclose on the stack idea but I'd be inclined to see if something else could be made to work with reasonable effort.

David J.​

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Nico Williams
Дата:
Сообщение: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
Следующее
От: Nico Williams
Дата:
Сообщение: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?