From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounce@freelists.org>
Received: from localhost (localhost [127.0.0.1])
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id DCF1925F05
	for <tarantool-patches@freelists.org>; Thu,  7 Jun 2018 23:57:41 -0400 (EDT)
Received: from turing.freelists.org ([127.0.0.1])
	by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id flB5TERJn9wP for <tarantool-patches@freelists.org>;
	Thu,  7 Jun 2018 23:57:41 -0400 (EDT)
Received: from smtp48.i.mail.ru (smtp48.i.mail.ru [94.100.177.108])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 9BAB625EE7
	for <tarantool-patches@freelists.org>; Thu,  7 Jun 2018 23:57:41 -0400 (EDT)
Date: Fri, 8 Jun 2018 06:57:39 +0300
From: Konstantin Osipov <kostja@tarantool.org>
Subject: [tarantool-patches] Re: [PATCH] security: Use system views instead
 of system spaces
Message-ID: <20180608035739.GH6866@chai>
References: <5aec875966ff843a32b03cf9d0e7c85e4fec7f20.1528128037.git.georgy@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5aec875966ff843a32b03cf9d0e7c85e4fec7f20.1528128037.git.georgy@tarantool.org>
Sender: tarantool-patches-bounce@freelists.org
Errors-to: tarantool-patches-bounce@freelists.org
Reply-To: tarantool-patches@freelists.org
List-help: <mailto:ecartis@freelists.org?Subject=help>
List-unsubscribe: <tarantool-patches-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: tarantool-patches <tarantool-patches.freelists.org>
List-subscribe: <tarantool-patches-request@freelists.org?Subject=subscribe>
List-owner: <mailto:>
List-post: <mailto:tarantool-patches@freelists.org>
List-archive: <http://www.freelists.org/archives/tarantool-patches>
To: tarantool-patches@freelists.org
Cc: Ilya Markov <imarkov@tarantool.org>

* Georgy Kirichenko <georgy@tarantool.org> [18/06/04 23:48]:
> From: Ilya Markov <imarkov@tarantool.org>
> 
> System views are used instead of direct reads of corresponding system
> spaces to explore all accessible objects such as spaces, functions, users
> and e.g. An operation with an inaccessible object produces a 'not found'
> error even if the object exists.
> 
> In scope of #3250
> 
> Includes up fixes from Georgy

Pushed.

One minor comment, why do we take into account PRIV_X when allow 
reads from _vsequence view?


-- 
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov