From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: security label support, revised |
Date: | 2010-09-27 02:49:31 |
Message-ID: | AANLkTinWiKtwCB+SJbfvyVv7raGv2TfETAMr8aDWMHe=@mail.gmail.com |
Lists: | pgsql-hackers |
On Sat, Sep 25, 2010 at 7:04 AM, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> wrote:
> * The "dummy_esp" module and regression test for SECURITY LABEL statement.
> This module allows only four labels: "unclassified", "classified",
> "secret" and "top secret". The latter two labels can be set by only
> superusers. The new regression test uses this "dummy_esp" module to
> find out future regression in SECURITY LABEL statement.
> * A minimum description about external security provider at the tail
> of Database Roles and Privileges chapter.
> * Add pg_seclabels system view
> * Revising pg_dump/pg_dumpall
> - '--security-label' was replaced by '--no-security-label'
> - implemented according to the manner in comments.
> findSecLabels() and collectSecLabels() are added to reduce number of
> SQL queries, in addition to dumpSecLabel().
Thanks, this looks like mostly good stuff. Here's a new version of
the patch with some bug fixes, additional regression tests, and other
cleanup. I think this is about ready to commit. I didn't adopt your
documentation and I renamed your contrib module from dummy_esp to
dummy_seclabel, but the rest I took more or less as you had it. For
now, I don't want to use the term "external security provider" because
that's not really what this provides - it just provides labels. I
initially thought that an external security provider would really turn
out to be a concept that was somewhat embedded in the system, but on
further reflection I don't think that's the case. I think what we're
going to end up with is a collection of hooks that might happen to be
useful for security-related things, but not necessarily just those.
Anyway, I feel that it's a bit premature to document too much about
what this might do someday; the documentation already in the patch is
adequate to explain what it does now.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise Postgres Company
Attachment | Content-Type | Size |
---|---|---|
seclabel-v6.patch.gz | application/x-gzip | 21.7 KB |