From: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
---|---|
To: | MauMau <maumau307(at)gmail(dot)com> |
Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Ian Barwick <ian(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: pgaudit - an auditing extension for PostgreSQL |
Date: | 2014-07-02 08:21:18 |
Message-ID: | 20140702082118.GB26031@toroid.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
At 2014-07-01 21:39:27 +0900, maumau307(at)gmail(dot)com wrote:
>
> Won't it be burden and a headache to maintain pgaudit code when it
> becomes obsolete in the near future?
Maybe it's a bit unfair to single out this statement to respond to,
because it seems at best tangential to your larger point, but:
If it were to really become obsolete (not sure about "the near future"),
it wouldn't need much maintenance. It already works about as well as it
ever will on older releases (e.g., we have no hopes of ever backporting
enough of event triggers to provide DDL deparsing in 9.3).
> I'm afraid they would be disappointed if PostgreSQL provides auditing
> functionality which does not conform to any real regulations like PCI
> DSS, NIST
I foresee lots of disappointment, then. I don't think even Stephen is
advocating NIST-compliance as the *baseline* for serious auditing in
core, just that we need a design that lets us get there sometime.
-- Abhijit
From | Date | Subject | |
---|---|---|---|
Next Message | Kyotaro HORIGUCHI | 2014-07-02 08:32:42 | Re: WAL replay bugs |
Previous Message | Mark Cave-Ayland | 2014-07-02 08:06:40 | Re: Spinlocks and compiler/memory barriers |