On Fri, Jul 9, 2010 at 1:21 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Simon Riggs <si...@2ndquadrant.com> writes: >> On Fri, 2010-07-09 at 11:09 -0400, Tom Lane wrote: >>> Simon Riggs <si...@2ndquadrant.com> writes: >>>> Strangely, I was looking into removing the ExecCheckRTPerms check >>>> altogether by forcing plan invalidation when permissions are updated. >>>> That would be a performance tweak that would render this change useless. >>> >>> That seems both pointless and wrong. Permissions checks should happen >>> at execution time not plan time. > >> Agreed that permission checks should logically be applied at execution >> time. I am proposing a performance optimisation, not a change in >> behaviour. > > Except that it *is* a change in behavior: the first check will occur too > soon.
You might be able to get around this by doing the first check on first use of the plan and then going and marking all the plans as needing a recheck whenever a permissions change happens. Whether the performance savings are sufficient to justify such a thing is another matter. > The fact that we're interested in adding plugin permissions checking > pretty much destroys the idea anyway. You cannot assume that a plan > cache invalidation will happen for any change in external state that > a plugin might be consulting. This is certainly true, but I also wonder what SE-PostgreSQL plans to do about this. Taking this to its logical exteme, the system security policy could change in mid-query - and while you'd like to think that the system would stop emitting tuples on a dime, that's probably not too feasible in practice. I am assuming that SE-PostgreSQL will want to do some kind of caching, but I wonder how one decides what to cache and for how long, and whether there's any mechanism for propagating cache invalidations. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise Postgres Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
