Re: [v9.1] Add security hook on initialization of instance

Stephen Frost <sfrost@snowman.net>

From: Stephen Frost <sfrost@snowman.net>
To: Robert Haas <robertmhaas@gmail.com>
Cc: KaiGai Kohei <kaigai@ak.jp.nec.com>, Tom Lane <tgl@sss.pgh.pa.us>, KaiGai Kohei <kaigai@kaigai.gr.jp>, pgsql-hackers@postgresql.org
Date: 2010-07-08T14:48:26Z
Lists: pgsql-hackers
* Robert Haas (robertmhaas@gmail.com) wrote:
> I think we have to assume that whatever actions a pluggable security
> provider might take at authentication time are going to be based on
> information from outside the database.

I feel that would be perfect for 9.1 and supporting access to the
general catalog is something that, if we figure out a sane way to
do it, we could always add later (if there's demand, etc).

For those bits of the catalog which *do* meet the requirements you
mention, I hope it'll be possible for the security module to access
them?  Does make me wonder if we might consider adding a field to those
to support a label rather than trying to figure out a way for a third
party to provide a shared/nailed relation.

	Thanks,

		Stephen