KaiGai Kohei wrote:
The series of SE-PostgreSQL patches are updated:
[1/5]
http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1530.patch
[2/5]
http://sepgsql.googlecode.com/files/sepostgresql-utils-8.4devel-3-r1530.patch
[3/5]
http://sepgsql.googlecode.com/files/sepostgresql
,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
are unchanged.
Please comment anything.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
| 4207
!!
:
65 files changed, 4737 insertions(+), 11 deletions(-), 4908 modifications(!)
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org
it is
a preferable way to design the first step without ignoring upcoming
expandability.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http
Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
, performance is not the first issue here.
The variable length type makes hard to assign a newly inserted tuple
(into pg_class, etc...) a default security context.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql
for a while.
KaiGai Kohei wrote:
Bruce Momjian wrote:
Joshua Brindle wrote:
The big problem is that the security value on system tables controls
the
_object_ represented by the row, while on user tables the security
value
represents access to the row. That is just an odd design, and why
KaiGai Kohei wrote:
Andrew Dunstan wrote:
KaiGai Kohei wrote:
One melancholic thing is adding a member into pg_proc.
It defines more than 2000 of entries which I have to modify
correctly. :(
Is there any script to help it?
Last time I added a column to a large catalog, I used a perl
Stephen Frost wrote:
KaiGai,
* KaiGai Kohei (kai...@kaigai.gr.jp) wrote:
I don't provide both of security_label and security_acl
system columns for system/user tables.
I didn't write it explicitly, it might make you confusing.
User cannot see what security label is assigned to them
due
, but, we concluded it is not necessary
a few days ago, then it is just before to finish most of works...
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql
Robert Haas wrote:
On Sat, Jan 31, 2009 at 8:32 AM, Stephen Frost sfr...@snowman.net wrote:
* KaiGai Kohei (kai...@kaigai.gr.jp) wrote:
Stephen Frost wrote:
I think Bruce's question was where you stored the security_acl and
security_label columns. Based on your response (and a bit of purusal
*in this step*, if is has no other matter unexpected.
One melancholic thing is adding a member into pg_proc.
It defines more than 2000 of entries which I have to modify correctly. :(
Is there any script to help it?
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql
Andrew Dunstan wrote:
KaiGai Kohei wrote:
One melancholic thing is adding a member into pg_proc.
It defines more than 2000 of entries which I have to modify correctly. :(
Is there any script to help it?
Last time I added a column to a large catalog, I used a perl script to
help me, IIRC
,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
code...
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Bruce Momjian wrote:
KaiGai Kohei wrote:
Hasn't a plan for this already been posted? See
http://archives.postgresql.org/pgsql-hackers/2009-01/msg02407.php
FYI:
* previous full-functional SE-PostgreSQL/Row-ACLs
[kai...@fedora10 security]$ wc -l *.c */*.c
729 pgaceCommon.c
1547
Bruce Momjian wrote:
KaiGai Kohei wrote:
Today, I'll debug the modified code...
Wow, that was fast. Where are you storing the security information for
tables and columns? Did you add a special column to pg_class, etc?
Security information is stored within padding field of HeapTupleHeader
or lucky
to make a key confliction.)
But, it enables to prevent unclassified user to read the tuple,
and him to know an info the tuple contains p_id=TOPSECRET01 as
a result of this read action.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers
in finally.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
and prefer scraping PGACE and integrate SE- code
into core.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Stephen Frost wrote:
* KaiGai Kohei (kai...@kaigai.gr.jp) wrote:
So, I cannot believe refactoring pg_xxx_aclcheck() is not acceptable.
If vanilla PostgreSQL become to check ACLs on tables, independent
from views, do you think it is acceptable?
Well, just to be clear, ACLs are checked
KaiGai Kohei wrote:
I'm not sure about KaiGai's feelings on this, but it strikes me that
adding SELinux support for the existing levels of access control in PG
might be straight-forward and small enough to include for 8.4 and would
show some commitment to this approach of do it for PG, add
immediately.
IMO, the framework is purely implementation matter, so it is
not late when the second one appeared.
As I noted to another message, I can accept to integrate limited
functional SE-PostgreSQL without any PGACE.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers
+++
* src/include/security/rowacl.h| 41
It will be gone, so -200 lines are expected
At the total, -3,200 lines are expected.
In addition, any other small-sized stuffs can be postponed.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via
:
Between two stools you fall to the ground.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
/msg02339.php
[3] http://archives.postgresql.org/pgsql-hackers/2009-01/msg02391.php
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
. Josh Brindle, any thoughts?
Unless the security policy writer got crazy, it would be unrealistic.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http
necessary for tables/columns/...
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Robert Haas wrote:
On Wed, Jan 28, 2009 at 10:15 PM, KaiGai Kohei kai...@ak.jp.nec.com wrote:
It seems to me reference-counter is more preferable than boolean,
at least. But it makes performance pain on writer access when it
is expanded to row-level security.
A reference counter will never
,
simple_heap_update() aside.
If we cannot obtain enough information from context, we can
apply possible maximum permissions here.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes
. :-(
(And will be overspec for enterprise class purpose.)
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
.
We should not assume every row are not labeled forever, at least.
It will lose expandability soon.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription
for certification then we should trust that
it probably will pass certification and if it doesn't we will see
further patches to allow that to happen.
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http
would certainly make porting applications that
depend on that mechanism somewhat difficult, and doesn't really seem
like it'd gain you all that much...
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers
,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
on tuples simultaneously,
although SE-PostgreSQL applies MAC on tables/columns which
PostgreSQL has DAC features on.
So, I add a support simultaneous DACMAC.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers
.
It will be a similar one.
See, pgaceAllowFunctionInlined(...);
http://code.google.com/p/sepgsql/source/browse/trunk/sepgsql/src/backend/security/pgaceHooks.c#948
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers
possible scenarios in a more wide audience
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
think it is a quite reasonable approach, as I noted in another message.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org
Sorry, I attached incorrect patch file.
It is the correct one.
KaiGai Kohei wrote:
Robert,
The attached patch is a draft to replace RedHat/Fedora RPM centric
expressions, to add a reference at Database Roles and Privileges
chapter and a bit cleanups for the latest revision (r1467
up right now...
4. pg_upgrade script. I haven't heard much about this in a while...
I am doubtful that it is production-quality, but maybe I'm wrong?
5. Reducing some DDL Locks to ShareLock. No activity in a long time,
no time to wait for this to be finished. 8.5.
...Robert
--
KaiGai Kohei
src/include/utils/syscache.h |4
110 files changed, 9813 insertions(+), 16 deletions(-), 924 modifications(!)
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http
in SELinux community. An evidence is its upstreamed security
policy (reference policy) contains rules for SE-PostgreSQL.
http://oss.tresys.com/repos/refpolicy/trunk/policy/modules/services/postgresql.te
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via
Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Tom Lane wrote:
Ron Mayer rm...@cheapcomplexdevices.com writes:
Tom Lane wrote:
The second problem is that we're not sure it's really the right thing,
because we have no one who is competent to review the design from a
security standpoint.
Are we underestimating Kaigai Kohei?
Perhaps he
Dann Corbit wrote:
-Original Message-
From: pgsql-hackers-ow...@postgresql.org [mailto:pgsql-hackers-
ow...@postgresql.org] On Behalf Of Joshua D. Drake
Sent: Monday, January 26, 2009 7:42 PM
To: KaiGai Kohei
Cc: Tom Lane; Ron Mayer; Josh Berkus; Robert Haas; Merlin Moncure;
Jonah H
is
just another client). But I think the two categories above cover the
issues that are making me seriously leery of this patch.
As I documented, a client runs pg_dump/pg_restore should have enough
privileges on whole of the databases.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei
not a reasonable one.
If we can found a matter as a result of discussion, which is impossible
to fix within reasonable term, I'll agree it being postponed to v8.5.
However, why is the punishment of death necessary here?
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai
Robert Haas wrote:
On Fri, Jan 23, 2009 at 12:30 AM, KaiGai Kohei kai...@ak.jp.nec.com wrote:
The patch set of SE-PostgreSQL and related stuff were updated (r1460).
[1/5]
http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1460.patch
[2/5]
http://sepgsql.googlecode.com/files
://archives.postgresql.org/message-id/497c6808.2060...@kaigai.gr.jp
- Bugfix: SE-PostgreSQL related functions didn't raise an error
when pgace_feature option is not selinux.
- Add a launcher program to run testcases with various kind of security context.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
, I'll pay my maximum effort to reduce the additional
days, even if it is estimated one more month is necessary.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
reviewing SE-PostgreSQL
from the point of view of security expert. If folks in pgsql-hackers
have questions, I belive they can provide an answer to the questions.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql
(my employer also allows it for v8.4), but it is impossible by myself only.
We need all your help!
I'm sorry, if you felt above my concern uncomfortable.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
Bruce Momjian wrote:
KaiGai Kohei wrote:
Bruce Momjian wrote:
Now that we are two months into the final commit fest, it is time to
finalize all the open patches so we can target a February beta.
The two major outstanding patches are:
o SE-PostgreSQL: The author has done
.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
facility and we assume performance is not first
priority for SE-PostgreSQL users. However, if its duration of life has
been expanded to the tail of rewriter, I would be also happy.
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org
to be a significant amount of
overhead though.
I agree with Stephen's opinion.
Indeed, the walker approach requires additional steps during query
parsing, but the code obviousness is a significant factor from the
point of view of security.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai
| 18
src/include/utils/syscache.h |4
110 files changed, 9697 insertions(+), 16 deletions(-), 918 modifications(!)
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org
-PostgreSQL package got merged into Fedora Project. ('07/11/08)
- 8.3.x based SE-PostgreSQL announced. ('08/03/08)
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref
a nice day,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
http://code.google.com/p/sepgsql/source/browse/trunk/sepgsql/src/backend/security/pgaceHooks.c
Thanks,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
.
If necessary, I can rework/update them with my highest priority.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref
of the issues on column-level privileges are
resolved, so it is almost ready for getting merged.
Thanks,
Stephen Frost wrote:
KaiGai,
* KaiGai Kohei (kai...@ak.jp.nec.com) wrote:
The attached patch put invocations of markColumnForSelectPriv()
at transformJoinUsingClause() to mark those columns
ExecGrant_()s.
My preference is to clip out column-privilege part into ExecGrant_Attribute()
and invoke it for each given columns.
But, it is just my preference. Please ask it official commiters/reviewers.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via
DEBUG: pg_attribute_aclmask: t2.x required: 0002 allowed: 0002
DEBUG: pg_attribute_aclmask: t2.y required: 0002 allowed: 0002
b | ?column?
---+--
(0 rows)
Thanks,
KaiGai Kohei wrote:
Tom Lane wrote:
I'm thinking make_var is not the place to do this. The places that are
supposed
Alvaro Herrera wrote:
KaiGai Kohei wrote:
I updated patch set of SE-PostgreSQL and related stuff (r1403).
[1/5]
http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1403.patch
Random observations:
Thanks for your comment!
heapam.c: you've got a bunch of elog(ERROR) calls
atest1 JOIN atest5 ON (atest1.a =
atest5.two); -- fail
+ SELECT one, two FROM atest5; -- fail
+
:
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
: 0002 allowed: 0002
DEBUG: pg_attribute_aclmask: t2.a required: 0002 allowed: 0002
DEBUG: pg_attribute_aclmask: t2.y required: 0002 allowed: 0002
x | y
---+---
(0 rows)
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
diff --git a/src/backend/parser/parse_clause.c b
() with proper error code.
- It replaces static inline functions by real ones, and moves them
to src/backend/security/pgaceHooks.c, to eliminate GCC dependency.
These are based on Alvaro's comments.
Thanks for your help!
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
,
KaiGai Kohei wrote:
Stephen,
The revised patch can reproduce the original matter, as follows:
postgres=# CREATE TABLE t1 (a int, b text);
CREATE TABLE
postgres=# CREATE TABLE t2 (x int, y text);
CREATE TABLE
postgres=# GRANT select(a) on t1 to ymj;
GRANT
postgres
places that ought to be adding
bits to the column bitmaps.
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
to *begin* reviewing the SE-PostgreSQL features now.
Please make it progress!
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org
to consider it refers whole of the user columns.
I think it can share the code to handle the above empty cols_sel cases.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
/proxy.c and rowacl/rowacl.c.
- Documentation updates: add descriptions for newly added options
on pg_dump, pg_dumpall and initdb
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make
Markus Wanner wrote:
Hi,
KaiGai Kohei wrote:
The attached patch is a proof of the concept.
Awesome! I'll try to review during the day.
I strongly want the Column-level privileges to be get merged
as soon as possible, so I don't spare any possible assist
for his works.
+1
Can you quickly
Stephen Frost wrote:
KaiGai,
* KaiGai Kohei (kai...@ak.jp.nec.com) wrote:
Is it possible to implement a walker function to pick up appeared
columns and to chain them on rte-cols_sel/cols_mod?
In this idea, columns in Query-targetList should be chained on
rte-cols_mod, and others should
of continue statements that, as far
as I can tell, no longer work after the macros were wrapped in
do { ... } while (0) :-( I don't see any nice way to put the facility
back.
Thanks for all the input.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent
Alvaro Herrera wrote:
KaiGai Kohei wrote:
Could you deliver bool validate to the validate_string_relopt callback?
In this specification, invoked callback cannot know whether it should
really raise an error for invalid reloption, or not.
Hmm, would it be better to not call the validation
Jaime Casanova wrote:
On Wed, Jan 7, 2009 at 1:46 AM, KaiGai Kohei kai...@ak.jp.nec.com wrote:
The attached patch is a proof of the concept.
It walks on a given query tree to append accessed columns on
rte-cols_sel and rte-cols_mod.
When aliasvar of JOIN'ed relation is accesses, its source
, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
the issue.
Anyway, I hope your patch getting merged as soon as possible. :-)
If I have anything to help you, please feel free to ask for.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make
Alvaro Herrera wrote:
KaiGai Kohei wrote:
Alvaro, could you check the patched code on reloptions.h, reloptions.c
and rel.h? It is a working example of string reloptions, and I could
found a few strange codes.
I'm intending to revisit the string code ... I was thinking yesterday
night that I
Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
://code.google.com/p/sepgsql/source/browse/trunk/sepgsql/src/backend/security/rowacl/rowacl.c#30
If you don't have enough availability, I'll be able to do it within
a few days.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list
: 0004 allowed:
ERROR: permission denied for relation t1
postgres=
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
Index: src/backend/parser/analyze.c
===
*** src/backend/parser/analyze.c (revision 1
is the currect status of my patches?
I guess you have many comments in the five patches, because they are a bit
large to be commited obviously.
Could you tell me, even if these are not comprehensive ones.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent
the remaining patches can be addressed pretty easily but we need
final versions from any authors who are still adjusting them.
Let's see what we can get done in the next two weeks and reevaluate.
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers
(CacheMemoryContext,
- VARSIZE(options));
- memcpy(relation-rd_options, options, VARSIZE(options));
- }
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers
Alvaro Herrera wrote:
KaiGai Kohei wrote:
(1) Who/Where should allocate a string area?
+ /* Note that this assumes that the variable is already allocated! */
+ #define HANDLE_STRING_RELOPTION(optname, var, option) \
+ if (HAVE_RELOPTION(optname, option
,
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Alvaro Herrera wrote:
KaiGai Kohei wrote:
Alvaro Herrera wrote:
So this is an updated patch. This now allows a user-defined AM to
create new reloptions and pass them down to the parser for parsing and
checking.
This patch does not support reloptions in string expression, like
.
- bugfix: proper permission check when a set-returning function is inlined
- bugfix: proper column permission checks on SELECT rowtype from inherited
table.
--
KaiGai Kohei kai...@kaigai.gr.jp
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
]
http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1370.patch
[4/5]
http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1370.patch
[5/5]
http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1370.patch
KaiGai Kohei wrote:
I updated patch set of SE
Division, NEC
KaiGai Kohei kai...@ak.jp.nec.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
601 - 700 of 907 matches
Mail list logo
