Re: Column Redaction

On Fri, Oct 10, 2014 at 02:05:05PM +0100, Thom Brown wrote:
> On 10 October 2014 13:43, Simon Riggs <simon(at)2ndquadrant(dot)com> wrote:
> > On 10 October 2014 11:45, Thom Brown <thom(at)linux(dot)com> wrote:
> >
> >> To be honest, this all sounds rather flaky.
> >
> > To be honest, suggesting anything at all is rather difficult and I
> > recommend people try it.
>
> I have, and most ideas I've had have been justifiably shot down or
> picked apart (scheduled background tasks, offloading stats collection
> to standby, index maintenance in DML query plans, expression
> statistics... to name but a few).
>
> > Everything sounds crap when you didn't think of it and you've given it
> > an hour's thought.
>
> I'm not sure that means my concerns aren't valid. I don't think it
> sounds crap, but I also can't see any use-case for it where we don't
> already have things covered, or where it's going to offer any useful
> level of security. Like with RLS, it may be that I'm just looking at
> things from the wrong perspective.

Agreed. The problem isn't giving it only an hours thought --- it is
that we can come up with serious problems in five _seconds_ of thought.
Unless you can some up with a solution to those issues, I am not sure
why we are even talking about it.

My other concern is you must have realized these issues in five seconds
too, so why didn't you mention them?

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +