> > It's too early to vote. :-)
> >
> > The second and third option have prerequisite.
> > The purpose of them is to match granularity of access controls
> > provided by SE-PostgreSQL and native PostgreSQL. However, I have
> > not seen a clear reason why these different security mechanisms
> > have to have same granuality in access controls.
>
> Have you seen a clear reason why they should NOT have the same granularity?
Agreed. If we implement SE-PostgreSQL row-level security first, we
might find that we have to replace the code once we implement SQL-level
row-level security. If we do SQL-level security first, we can then
adjust it to match what SE-PostgreSQL needs.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
No comments:
Post a Comment