| From: | "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov> |
|---|---|
| To: | "Robert Haas" <robertmhaas(at)gmail(dot)com>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "KaiGai Kohei" <kaigai(at)ak(dot)jp(dot)nec(dot)com>, "Gregory Stark" <stark(at)enterprisedb(dot)com>, "David Fetter" <david(at)fetter(dot)org>, "KaiGai Kohei" <kaigai(at)kaigai(dot)gr(dot)jp>,<bogdan(at)omnidatagrup(dot)ro>, <pgsql-hackers(at)postgresql(dot)org>, "Martijn van Oosterhout" <kleptog(at)svana(dot)org> |
| Subject: | Re: SE-PostgreSQL and row level security |
| Date: | 2009-02-16 15:23:05 |
| Message-ID: | 49993078.EE98.0025.0@wicourts.gov |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>>> Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> We have seen no evidence that anyone has a worked-out
> set of design rules that make a SE-Postgres database secure against
> these issues, so the whole thing is pie in the sky.
I've seen several mentions of the rule "Don't use a column containing
data you want to secure as part of the primary key." mentioned several
times in these threads. I think that just might be the complete set.
Can anyone show that it's not?
-Kevin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-02-16 15:34:08 | Re: SE-PostgreSQL and row level security |
| Previous Message | Tom Lane | 2009-02-16 15:11:13 | Re: SE-PostgreSQL and row level security |