Robert Haas wrote:
> 2009/4/21 KaiGai Kohei <kai...@ak.jp.nec.com>:
>> Robert, currently I could not find semantics breaks in your suggestion.
>> I plan to update SE- implementation to skip checks during foreign-key
>> constraints and add a new SE- permission: "reference" which allows
>> to set up foreign-keys.
>
> Sounds good! I hope that works out for you!

Robert, I found a concern with the approach, apart from the original matter.

When an FK constraint has an ON UPDATE CASCADE rule and the security policy allows someone to update the PK table, it can allow them to update a read-only FK table. It might or might not be a matter, depending on the point of view.

If we consider setting up an FK constraint to be a very sensitive operation, as much as loading C-libraries, it can be fair enough. (Because we assume SE-PostgreSQL does not check actions from internal features which are installed by a limited number of DBAs.)

However, I don't think CREATE TABLE with an FK constraint should be restricted to a limited number of DBAs. It will give demerits from the aspect of usability.

So, I reconsidered that SE-PostgreSQL should check secondary queries in FK constraints, as the older version does. Fortunately, the original matter can be solved by another approach. This change does not give us any design impact.

Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kai...@ak.jp.nec.com>
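
The cascade effect described in the message above, reproduced with stock PostgreSQL table privileges rather than SE-PostgreSQL policy. This is an added example, not code from the thread; the role and table names are constructed, and it assumes a superuser session in a scratch database.

```sql
-- Constructed demo: pk_editor, pk_tbl and fk_tbl are hypothetical names.
-- Everything runs in one transaction and is rolled back at the end.
BEGIN;

CREATE ROLE pk_editor NOLOGIN;

CREATE TABLE pk_tbl (id int PRIMARY KEY);
CREATE TABLE fk_tbl (
    ref  int REFERENCES pk_tbl (id) ON UPDATE CASCADE,
    note text
);
INSERT INTO pk_tbl VALUES (1);
INSERT INTO fk_tbl VALUES (1, 'row the editor may only read');

-- pk_editor may modify the PK table but only read the FK table.
GRANT SELECT, UPDATE ON pk_tbl TO pk_editor;
GRANT SELECT         ON fk_tbl TO pk_editor;

SET LOCAL ROLE pk_editor;

-- A direct write to the FK table fails with a permission-denied error.
-- The savepoint keeps the surrounding transaction usable afterwards.
SAVEPOINT direct_write;
UPDATE fk_tbl SET ref = 2;
ROLLBACK TO SAVEPOINT direct_write;

-- Updating the PK table is permitted. The ON UPDATE CASCADE action then
-- rewrites fk_tbl.ref through the internal referential-integrity trigger,
-- which is not checked against pk_editor's privileges on fk_tbl.
UPDATE pk_tbl SET id = 2 WHERE id = 1;

-- The "read-only" table has changed: ref is now 2.
SELECT ref, note FROM fk_tbl;

RESET ROLE;
ROLLBACK;
```

When auditing a schema for this effect, list the constraints whose `confupdtype` or `confdeltype` in `pg_constraint` is `c` (CASCADE), `n` (SET NULL) or `d` (SET DEFAULT), then compare who can write the referenced table with who can write the referencing one.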