Re: ExecutorCheckPerms() hook

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: KaiGai Kohei <kaigai@ak.jp.nec.com>
Cc: pgsql-hackers@postgresql.org
Date: 2010-05-25T03:16:39Z
Lists: pgsql-hackers
2010/5/24 KaiGai Kohei <kaigai@ak.jp.nec.com>:
> I think we need a new SPI_*() interface which allows to run the given query
> without any permission checks, because these queries are purely internal stuff,
> so we can trust the query is harmless.
[...]
> I'm afraid of that the src/backend/catalog/aclchk.c will become overcrowding
> in the future. If it is ugly to deploy checker functions in separated dir/files,
> I think it is an idea to put it on the execMain.c, instead of ExecCheckRTEPerms().

Both of these are bad ideas, for reasons Stephen Frost has articulated well.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company