'Re: [HACKERS] pre-proposal: permissions made easier'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postgresql-general
Subject:    Re: [HACKERS] pre-proposal: permissions made easier
From:       Chris Browne <cbbrowne () acm ! org>
Date:       2009-06-30 19:41:40
Message-ID: 877hyt5x1n.fsf () dba2 ! int ! libertyrms ! com
[Download RAW message or body]

andrew@dunslane.net (Andrew Dunstan) writes:

> Jeff Davis wrote:
>> On Mon, 2009-06-29 at 12:55 -0400, Tom Lane wrote:
>>
>>> I think it has to be looked at in comparison to more general
>>> prospective-permissions schemes;
>>
>> When I searched google for "prospective permissions", all I found were
>> links to messages in this thread ;)
>>
>> Can you refer me to a general prospective-permissions scheme that is
>> more widely accepted? Being more widely accepted also has the benefit
>> that users will feel more comfortable with the behavior.
>>
>>
>>
>
> Think of MySQL's wildcard permissions. They apply to any object
> whether that object is created before or after the rule is set,
> AIUI. That means the wildcard pattern is applied at the time the
> permission rule is referenced, rather than when the rule is created,
> thus applying it prospectively.
>
> It's a feature many users would like to have, although, as Tom rightly
> points out, it can be a bit of a footgun if used carelessly.

I'll point out, "for posterity", that way back in yesteryear, TOPS-10
(introduced in 1967) had a "declarative permissioning" system for file
access that resembles this.

The best description I'm aware of is the following:
   http://lkml.org/lkml/1999/2/5/2

A FILDAE config file for a particular user might look like the
following:

# anything in a directory named "private" is off limits
*/private/*:*:*:*:
# people in group "foo" get full (create, delete, read, write,
# execute) access to everything in the foo project directory
~/projects/foo/*:*:foo:*:cdrwx
# people playing mygame can update the high score file
~/mygame/score.dat:*:*:
~/mygame/bin/mygame:rw
# some friends have access to the RCS files for mygame
~/mygame/src/RCS/*:dennis,kevin,josh:*:
/usr/bin/ci:rw
~/mygame/src/RCS/*:dennis,kevin,josh:*:
/usr/bin/co:rw
# I'll put stuff I want everyone to read in my ~/public directory
# I'll make the public directory 744, so no one will actually have
# to check .access_list, but I'll still put in this entry for
completeness
~/public/*:*:*:*:r# anything left over gets no access*:*:*:*:

This obviously isn't notably SQL-like, but that's not the point :-).
-- 
"cbbrowne","@","cbbrowne.com"
http://www3.sympatico.ca/cbbrowne/lisp.html
Ubuntu is an ancient African word, meaning "can't configure Debian"

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic