delta/postgresql.git - git.postgresql.org: git/postgresql.git

diff options

author	Joe Conway <mail@joeconway.com>	2019-11-23 10:41:52 -0500
committer	Joe Conway <mail@joeconway.com>	2019-11-23 10:46:44 -0500
commit	4f66c93f61439b4db866b21cc1ecd5bf815564ef (patch)
tree	5fa5d6cc2b9a85029289057dbed7e108d247c006 /src/backend/access/gist/gistvalidate.c
parent	f7a2002e82cfc639d1b6df89012f5d6c623ad545 (diff)
download	postgresql-4f66c93f61439b4db866b21cc1ecd5bf815564ef.tar.gz

Update sepgsql to add mandatory access control for TRUNCATE

Use SELinux "db_table: { truncate }" to check if permission is granted to TRUNCATE. Update example SELinux policy to grant needed permission for TRUNCATE. Add new regression test to demonstrate a positive and negative cases. Test will only be run if the loaded SELinux policy has the "db_table: { truncate }" permission. Makes use of recent commit which added object TRUNCATE hook. Patch by Yuli Khodorkovskiy with minor editorialization by me. Not back-patched because the object TRUNCATE hook was not. Author: Yuli Khodorkovskiy Reviewed-by: Joe Conway Discussion: https://postgr.es/m/CAFL5wJcomybj1Xdw7qWmPJRpGuFukKgNrDb6uVBaCMgYS9dkaA%40mail.gmail.com

Diffstat (limited to 'src/backend/access/gist/gistvalidate.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: