2016-12-26 17:15 GMT+01:00 Fabien COELHO <coe...@cri.ensmp.fr>:

> Hello Pavel,
>   SET ROLE Admin;
>>>   DECLARE @secure_variable INTEGER RESTRICT; -- only accessible to Admin
> Why introduce another security system?
> That is a good question.
> I would prefer to avoid it and just have simple session variables... but
> this is not what you want, so I'm trying to find a compromise which both
> gives you the feature you are seeking and would keep session variables as
> inexpensive, i.e. without catalog costs.
> A simplistic PUBLIC/PRIVATE permissions on simple session variable can be
> done with nothing (no additional data structures): (store: hash_put(<owner
> id if private or nothing> || '@varname', value); consult: if exists(<owner
> id> || '@varname') then return it else if exists('@varname') then return it
> else "error variable does not exist").
> Now if you can offer an inexpensive GRANT/REVOKE on simple session
> variables, i.e. without catalog changes, then I think I would agree to it,
> even if I would not like it much.

> The reason I "do not like much" is subjective. I associate SQL permission
> commands (GRANT, REVOKE...) to real SQL "objects" (i.e. persistent,
> transactional, secured things subject to CREATE ALTER DROP...). However
> light-weight session variables are not really like that.
> Also if you can have inexpensive GRANT/REVOKE then probably I would also
> have to accept "CREATE SESSION VARIABLE @foo", because it would be
> consistent to have it with GRANT/REVOKE. I would "not like it much" either
> to have CREATE for an non persistant object, but that is life...
> However I understood that for permissions you do need "pg_class", which
> means catalog changes on session variable creation, which means expensive
> for simple session variables, so not desirable.

I don't understand to "expensive" word. How much often you create/drop
these variables? The deployment cycle is similar to functions.  I don't
propose any feature, that can enforce bloating of system catalogue.

The variable metadata will be persistent across sessions. I can imagine the
local (temporal) session variable where life cycle of metadata will be
related to session like our current temporary tables. But it is not in this



> --
> Fabien.

Reply via email to