| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-hackers(at)postgresql(dot)org, glenn(dot)faden(at)sun(dot)com, james(dot)hughes(at)sun(dot)com |
| Subject: | Re: [RFC] PostgreSQL Access Control Extension (PGACE) |
| Date: | 2007-04-18 18:53:23 |
| Message-ID: | 7855.1176922403@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> writes:
>>> There are also
>>> some interesting questions about SQL spec compliance and whether a
>>> database that silently hides some rows from you will give semantically
>>> consistent results.
>>
>> Yeah -- that's a potentially serious issue; KaiGai, have you looked into
>> it?
> Yes, I consider the policy to filter any violated tuple looks consistently.
> The policy enforces any tuple has to be filtered before using them, and
> it helps that computational processes don't get any effect from them.
> But proving innocence is generally hard task.
> At first, I want to know what points are you worried about the most.
Unique constraints and foreign-key constraints seem the most pressing
problems. What will you do to avoid having different viewers have
different opinions about whether a constraint is violated?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Aidan Van Dyk | 2007-04-18 18:59:54 | Re: Hacking on PostgreSQL via GIT |
| Previous Message | KaiGai Kohei | 2007-04-18 18:45:44 | Re: [RFC] PostgreSQL Access Control Extension (PGACE) |