Tuesday, September 23, 2008

Re: [HACKERS] Proposal of SE-PostgreSQL patches (for CommitFest:Sep)

Robert Haas wrote:
> > It's too early to vote. :-)
> >
> > The second and third option have prerequisite.
> > The purpose of them is to match granularity of access controls
> > provided by SE-PostgreSQL and native PostgreSQL. However, I have
> > not seen a clear reason why these different security mechanisms
> > have to have same granuality in access controls.
> Have you seen a clear reason why they should NOT have the same granularity?

Agreed. If we implement SE-PostgreSQL row-level security first, we
might find that we have to replace the code once we implement SQL-level
row-level security. If we do SQL-level security first, we can then
adjust it to match what SE-PostgreSQL needs.

Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

No comments: