> > It's too early to vote. :-)
> > The second and third option have prerequisite.
> > The purpose of them is to match granularity of access controls
> > provided by SE-PostgreSQL and native PostgreSQL. However, I have
> > not seen a clear reason why these different security mechanisms
> > have to have same granuality in access controls.
> Have you seen a clear reason why they should NOT have the same granularity?
Agreed. If we implement SE-PostgreSQL row-level security first, we
might find that we have to replace the code once we implement SQL-level
row-level security. If we do SQL-level security first, we can then
adjust it to match what SE-PostgreSQL needs.
+ If your life is a hard drive, Christ can be your backup. +