From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Row-Level Security |
Date: | 2009-12-12 20:30:03 |
Message-ID: | 20091212203003.GL17756@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Greetings,
> I'll start a new thread on this specific topic to hopefully pull out
> anyone who's focus is more on that than on SEPG.
Row-Level security has been implemented in a number of existing
commercial databases. There exists an implementation of row-level
security for PostgreSQL today in the form of SEPostgres.
I believe there is a signfigant user base who would like RLS without
SELinux (or perhaps with some other security manager). As it is a
useful feature indepenent of SELinux, it should be implemented in a way
which doesn't depend on SELinux in any way.
I've started a wiki page to discuss this here:
http://wiki.postgresql.org/wiki/RLS
I'd like to start a discussion about RLS for PG- design, user-interface,
syntax, capabilities, on-disk format changes, etc. For starters, I
think we shoud review the existing RLS implementations. To that end,
I've added a number of articles about them to the wiki. I think the
next step is to start summarizing how those operate and important
similarities and differences between them. Our goal, of course, is to
take the best of what's out there.
Please comment, update the wiki, let us know you're interested in this..
Thanks!
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Clemmons | 2009-12-12 20:36:27 | Re: 8.4.1 ubuntu karmic slow createdb |
Previous Message | Magnus Hagander | 2009-12-12 20:24:23 | Re: Winflex |