Re: [v9.1] Add security hook on initialization of instance

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: KaiGai Kohei <kaigai@kaigai.gr.jp>
Cc: Stephen Frost <sfrost@snowman.net>, KaiGai Kohei <kaigai@ak.jp.nec.com>, pgsql-hackers@postgresql.org
Date: 2010-06-14T12:15:12Z
Lists: pgsql-hackers
2010/6/14 KaiGai Kohei <kaigai@kaigai.gr.jp>:
> (2010/06/14 20:01), Stephen Frost wrote:
>> * KaiGai Kohei (kaigai@ak.jp.nec.com) wrote:
>>> The attached patch tries to add one more security hook on the
>>> initialization of PostgreSQL instance (InitPostgres()).
>>>
>>> It gives the external security module a chance to initialize itself,
>>> and acquire credential of the client.
>>>
>>> I assumed the best place to initialize the module is just after the
>>> initialize_acl() invocation, if ESP is available.
>>> We have not discussed about this hook yet. So, I'd like to see any
>>> comments.
>>
>> Aren't modules given a __PG_Init or something similar that they can
>> define which will be called when the module is loaded..?
>>
> I assume the security module shall be loaded within 'shared_preload_libraries',
> because we can overwrite 'local_preload_libraries' (PGC_BACKEND) setting using
> connection string, so it allows users to bypass security features, doesn't it?

Yeah, but so what?  Stephen's point is still valid.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company