From: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
---|---|
To: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) |
Date: | 2008-11-14 16:36:31 |
Message-ID: | 1226680591.27904.613.camel@ebony.2ndQuadrant |
Lists: | pgsql-hackers |

On Sat, 2008-11-15 at 00:58 +0900, KaiGai Kohei wrote:
> Sorry, it seems to me you misunderstand something.

Yep, seems so. Thank goodness for that. Thanks for putting me straight.

> > I would also like to see the feature part of normal Postgres, rather
> > than as a compile time option. The per-row overhead would then be
> > optional, just as WITH OIDS is optional. This would allow many
> > applications to take advantage of row level security, without the need
> > for switching to a different executable and without the need to enable
> > it for every table. For high security applications, default_row_security
> > = on would obviously be a requirement. With a single executable on all
> > distros we will have more robust software and it will be easier to
> > configure and use.
>
> An issue is who can enable or disable the row-level security option.
> If the owner of table can do it discretionary, we don't call it a
> "mandatory" access control feature.

It seems fairly easy to do that with a GUC, or at least an option on
CREATE DATABASE, with no equivalent ALTER DATABASE option. Once created
with security, a table would not be able to turn off security. So nobody
would be able to turn off security for existing data.

--
Simon Riggs www.2ndQuadrant.com
PostgreSQL Training, Services and Support