Re: A Question about InvokeObjectPostAlterHook
| From | Michael Paquier | 
|---|---|
| Subject | Re: A Question about InvokeObjectPostAlterHook | 
| Date | |
| Msg-id | ZD4duApRPFdUwYX3@paquier.xyz | 
| In reply to | A Question about InvokeObjectPostAlterHook ("Legs Mansion" <1027644833@qq.com>) | 
| Responses | Re: A Question about InvokeObjectPostAlterHook | 
| List | pgsql-hackers | 
On Tue, Apr 18, 2023 at 09:51:30AM +0800, Legs Mansion wrote:
> Recently, I ran into a problem, InvokeObjectPostAlterHook was
> implemented for sepgsql, sepgsql uses it to determine whether to
> check permissions during certain operations. But
> InvokeObjectPostAlterHook doesn't handle all of the alter's
> behavior, at least the table is not controlled. e.g., ALTER
> TABLE... ENABLE/DISABLE ROW LEVEL SECURITY, ALTER TABLE ... DISABLE
> TRIGGER, GRANT and REVOKE and so on.
> Whether InvokeObjectPostAlterHook is not fully controlled? it's
> a bug?

Yes, tablecmds.c has some holes and these are added when there is an
ask for it, as far as I recall. In some cases, these locations can be
tricky to add, so usually they require an independent analysis. For
example, EnableDisableTrigger() has one AOT for the trigger itself,
but not for the relation changed in tablecmds.c, as you say, anyway we
should be careful with cross-dependencies.

Note that 90efa2f has made the tests for OATs much easier, and there
is no need to rely only on sepgsql for that. (Even if test_oat_hooks
has been having some stability issues with namespace lookups because
of the position on the namespace search hook.) Also, the additions of
InvokeObjectPostAlterHook() are historically conservative because they
create behavior changes in stable branches, meaning no backpatch. See
a995b37 or 7b56584 as past examples, for example.

Note that the development of PostgreSQL 16 has just finished, so now
may not be the best moment to add these extra AOT calls, but these
could be added in 17~ for sure at the beginning of July once the next
development cycle begins.

Attached would be what I think would be required to add OATs for RLS,
triggers and rules, for example. There are many more of these at
quick glance, still that's one step in providing more checks. Perhaps
you'd like to expand this patch with more ALTER TABLE subcommands
covered?
--
Michael