From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id DEF6329853 for ; Tue, 3 Apr 2018 10:01:35 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZQAV6E1t7YMZ for ; Tue, 3 Apr 2018 10:01:35 -0400 (EDT) Received: from smtp58.i.mail.ru (smtp58.i.mail.ru [217.69.128.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 3A4F125B67 for ; Tue, 3 Apr 2018 10:01:34 -0400 (EDT) From: Georgy Kirichenko Subject: [tarantool-patches] Re: [security 0/3] System space access check lists Date: Tue, 03 Apr 2018 17:01:22 +0300 Message-ID: <1991458.fjWModUKor@localhost> In-Reply-To: References: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3194391.M9dZfqabnH"; micalg="pgp-sha256"; protocol="application/pgp-signature" Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: Konstantin Osipov Cc: tarantool-patches@freelists.org, Ilya Markov --nextPart3194391.M9dZfqabnH Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" I do not see any unfixable issues. Kostja, please make a high-level overview before i send a detailed path review. On Thursday, March 29, 2018 10:36:58 AM MSK Ilya Markov wrote: > branch: gh-3250-system-space-access > > Ilya Markov (2): > box: Add system view for _sequence system space > security: Refactor reads from systems spaces > > imarkov (1): > security: Refactor system space access checks > > src/box/alter.cc | 283 > +++++++++++++++++++++++-------------- src/box/bootstrap.snap | > Bin 1504 -> 1540 bytes > src/box/index.cc | 1 + > src/box/lua/schema.lua | 123 +++++++++------- > src/box/lua/space.cc | 2 + > src/box/lua/upgrade.lua | 34 +++-- > src/box/schema.cc | 119 +++++++++++++++- > src/box/schema.h | 28 +++- > src/box/schema_def.h | 2 + > src/box/space.c | 3 +- > src/box/space.h | 17 ++- > src/box/sysview_engine.c | 4 + > src/box/sysview_index.c | 80 ++++++++--- > src/box/user.cc | 4 - > src/box/user.h | 7 + > test/app-tap/tarantoolctl.test.lua | 4 +- > test/box-py/bootstrap.result | 11 +- > test/box/access.result | 95 ++++++++----- > test/box/access.test.lua | 48 ++++--- > test/box/access_bin.result | 8 +- > test/box/access_misc.result | 51 +++++-- > test/box/access_misc.test.lua | 11 +- > test/box/access_sysview.result | 88 ++++++++++-- > test/box/access_sysview.test.lua | 34 ++++- > test/box/alter.result | 3 + > test/box/net.box.result | 6 + > test/box/net.box.test.lua | 2 + > test/box/on_replace.result | 12 +- > test/box/role.result | 27 +++- > test/box/role.test.lua | 13 +- > test/box/sequence.result | 17 ++- > test/box/sequence.test.lua | 10 +- > test/box/transaction.result | 8 +- > test/engine/iterator.result | 2 +- > test/engine/savepoint.result | 12 +- > test/engine/truncate.result | 2 +- > test/xlog/upgrade.result | 11 +- > 37 files changed, 843 insertions(+), 339 deletions(-) --nextPart3194391.M9dZfqabnH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEFZT35EtIMRTDS5hJnoTdFFzh6LUFAlrDiTIACgkQnoTdFFzh 6LWF5Qf+MjKa4V7WFEAuqz0dRMEUamB+7ASQfbK3k4hHqJbo6id3FU+G4QuvAUQh tigGvq9Acpt88B5zUGRa7b9Q7NURjrXu9OS8T9ICbguweoCWGmJzknNMfvbH5AVL voyhUfkrYw3lwiHoX5y6p/RhFfjmnQeKga2oKUoAq1PrBOYgOzMawY0CBFknr9Eh K9dx+vCsF6PdBjLiWCGHhaUdZDp2x7DwiT5gw4CWSrv0gDZ8iNDsXp88qqpFU5R+ 5768RZxOD+vaDi3bE7YPGFdnDKZNbz2693CL7Hw+KF6DGNpR8c4cskJXRtDedAFp kiDB/Lxys44kDYK0kRTvsBb+P/U0yw== =1K10 -----END PGP SIGNATURE----- --nextPart3194391.M9dZfqabnH--