From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id DCF1925F05 for ; Thu, 7 Jun 2018 23:57:41 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id flB5TERJn9wP for ; Thu, 7 Jun 2018 23:57:41 -0400 (EDT) Received: from smtp48.i.mail.ru (smtp48.i.mail.ru [94.100.177.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 9BAB625EE7 for ; Thu, 7 Jun 2018 23:57:41 -0400 (EDT) Date: Fri, 8 Jun 2018 06:57:39 +0300 From: Konstantin Osipov Subject: [tarantool-patches] Re: [PATCH] security: Use system views instead of system spaces Message-ID: <20180608035739.GH6866@chai> References: <5aec875966ff843a32b03cf9d0e7c85e4fec7f20.1528128037.git.georgy@tarantool.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5aec875966ff843a32b03cf9d0e7c85e4fec7f20.1528128037.git.georgy@tarantool.org> Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org Cc: Ilya Markov * Georgy Kirichenko [18/06/04 23:48]: > From: Ilya Markov > > System views are used instead of direct reads of corresponding system > spaces to explore all accessible objects such as spaces, functions, users > and e.g. An operation with an inaccessible object produces a 'not found' > error even if the object exists. > > In scope of #3250 > > Includes up fixes from Georgy Pushed. One minor comment, why do we take into account PRIV_X when allow reads from _vsequence view? -- Konstantin Osipov, Moscow, Russia, +7 903 626 22 32 http://tarantool.io - www.twitter.com/kostja_osipov