SEPostgreSQL Permissions

From PostgreSQL wiki


Revision as of 08:42, 11 February 2013

Overview

History of Updates

The initial description of the definitions of object classes and permissions is based on the SELinux community's reference policy, revision 20120725. If a newer policy adds or redefines them, we will at least add a note stating which revision is the minimum policy valid for this description.

20120725
    The initial description of the definitions of object classes and permissions.
2013xxxx
    The db_materialized_view object class will be added.

List of object classes and permissions

common database
    create: checked when a new object is created
    drop: checked when an existing object is dropped
    getattr: checked when properties of a particular object are read
    setattr: checked when properties of a particular object are modified
    relabelfrom: checked on the old label when the security label of a particular object is changed
    relabelto: checked on the new label when the security label of a particular object is changed
db_database class
    access: checked when a session connects to the database. It is equivalent to the DATABASE CONNECT permission in the database ACL.
    load_module
db_schema class
    search: checked when the client tries to resolve an object name under the schema. It is equivalent to the SCHEMA USAGE permission in the database ACL.
    add_name: checked when the client tries to add an object name entry to a particular schema, due to object creation, rename or SET SCHEMA
    remove_name: checked when the client tries to remove an object name entry from a particular schema, due to object deletion, rename or SET SCHEMA
db_table class
    select
    update
    insert
    delete
    lock
db_sequence class
    get_value
    next_value
    set_value
db_view class
    expand
db_procedure class
    execute
    entrypoint
    install
db_column class
    select
    update
    delete
db_tuple class
    (*) Note that db_tuple does not inherit the common database permissions.
    relabelfrom
    relabelto
    select
    update
    insert
    delete
db_language class
    implement
    execute
db_blob class
    read
    write
    import
    export
(operating system) process class
    transition
    dyntransition
    setcurrent
(operating system) file class
    (*) Note that the object class may be dir, lnk_file, chr_file, blk_file, sock_file or fifo_file instead of file, depending on the type of file node being referenced.
    read
    write
    create
    getattr
    unlink
    rename

common database

introduction

Several permissions are common to all database object classes, except for the db_tuple class, which represents rows in user tables.

permissions

create
    It shall be checked when a user's operation tries to create a new database object classified under a database object class.
    A default security label shall be assigned to the new database object, then the create permission shall be checked on that default label.
drop
    It shall be checked when a user's operation tries to drop an existing database object classified under a database object class.
    Unlike DAC checks, it shall also be applied to database objects dropped in cascade.
getattr
    It shall be checked when a user's operation tries to read one or more properties of a particular database object classified under a database object class.
    Note that it is not intended to control operations that consume the referenced properties without disclosing them. In other words, it needs to be checked on SELECT FROM system catalogs, but an internal syscache reference, for example, is not such a case.
setattr
    It shall be checked when a user's operation tries to modify one or more properties of a particular database object classified under a database object class.
relabelfrom
    It shall be checked against the old security label when a user's operation tries to change the security label of a particular database object classified under a database object class.
relabelto
    It shall be checked against the new security label when a user's operation tries to change the security label of a particular database object classified under a database object class.
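The following is an added example, not code from the wiki page or from sepgsql itself: a small model of which (label, object class, permission) checks the table of classes and the common-database rules above generate for create, cascaded drop, SET SCHEMA and relabel operations. The object labels and the dependency between the table and the view are constructed sample data, and the setattr check on SET SCHEMA is an assumption not stated on the page.

```python
from dataclasses import dataclass, field
COMMON = {"create", "drop", "getattr", "setattr", "relabelfrom", "relabelto"}
# Per-class permissions taken from the table above; db_tuple deliberately lacks the common set.
CLASS_PERMS = {
    "db_schema": COMMON | {"search", "add_name", "remove_name"},
    "db_table": COMMON | {"select", "update", "insert", "delete", "lock"},
    "db_view": COMMON | {"expand"},
    "db_sequence": COMMON | {"get_value", "next_value", "set_value"},
    "db_tuple": {"relabelfrom", "relabelto", "select", "update", "insert", "delete"},
}

@dataclass
class Obj:
    cls: str                 # SELinux object class, e.g. "db_table"
    label: str               # security label (constructed sample values below)
    schema: "Obj | None" = None
    dependents: list = field(default_factory=list)  # objects dropped with it in cascade

def check(obj, perm):
    """One access check as (label, class, permission); rejects undefined permissions."""
    if perm not in CLASS_PERMS[obj.cls]:
        raise ValueError(f"{perm} is not a permission of class {obj.cls}")
    return (obj.label, obj.cls, perm)

def create_checks(new_obj):
    # add_name on the schema receiving the name, then create on the new object's default label
    return [check(new_obj.schema, "add_name"), check(new_obj, "create")]

def drop_checks(obj):
    # drop is checked on the object and, unlike DAC, on every object dropped in cascade
    out = [check(obj.schema, "remove_name"), check(obj, "drop")]
    for dep in obj.dependents:
        out += drop_checks(dep)
    return out

def set_schema_checks(obj, new_schema):
    # Assumption, not stated on the page: moving an object is a setattr on the object itself;
    # remove_name on the old schema and add_name on the new one follow the db_schema table.
    return [check(obj, "setattr"), check(obj.schema, "remove_name"), check(new_schema, "add_name")]

def relabel_checks(obj, new_label):
    # relabelfrom is checked against the old label, relabelto against the new one
    return [check(obj, "relabelfrom"), check(Obj(obj.cls, new_label), "relabelto")]

# Constructed sample objects: table T in schema S, with view V depending on T.
S = Obj("db_schema", "user_u:object_r:sample_schema_t:s0")
T = Obj("db_table", "user_u:object_r:sample_table_t:s0", schema=S)
V = Obj("db_view", "user_u:object_r:sample_view_t:s0", schema=S)
T.dependents.append(V)
```

Calling drop_checks(T) yields the drop check on the view as well as on the table, which is the point where the MAC model diverges from the DAC check.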

db_database class

introduction

permissions

db_schema class

introduction

permissions

db_table class

introduction

permissions

db_sequence class

introduction

permissions

db_view class

introduction

permissions

db_procedure class

introduction

permissions

db_column class

introduction

permissions

db_tuple class

introduction

permissions

db_language class

introduction

permissions

db_blob class

introduction

permissions

process class

introduction

permissions

file class

introduction

permissions
