| From: | Karel Zak <zakkr(at)zf(dot)jcu(dot)cz> |
|---|---|
| To: | Zeugswetter Andreas SB <ZeugswetterA(at)wien(dot)spardat(dot)at> |
| Cc: | "'Peter Eisentraut'" <peter_e(at)gmx(dot)net>, "'PostgreSQL Development'" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: AW: AW: Proposal for enhancements of privilege system |
| Date: | 2000-05-30 14:08:31 |
| Message-ID: | Pine.LNX.3.96.1000530155516.18344G-100000@ara.zf.jcu.cz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, 30 May 2000, Zeugswetter Andreas SB wrote:
> > Yes, but I believe that Peter's idea is good. System tables
> > are used for
> > each access not only for ACL, and performance problem is a problem for
> > system cache not primary for privilege system.
>
> Yes I totally agree, that the basic idea is great, all I am saying is, that
> I would
> 1. gather more than one priviledge per table into one row (all of: select,
> insert, update ...)
I disccuse this idea with Peter some month ago via private mails (Peter
has big patience .. :-) and we already calculate about it.
* needful ACL data for one object will very small and not spend very memory
in cache,
* in one moment you need information about one object and one privilege
type. SELECT/UPDATE/etc in one row is not needful, if you run SELECT you
need information about priv. for select only.
* it is very easy extendible, is not defined some special pozition in some
string or some special column for (example) SELECT. You can in future add
new privilege element.
> 2. try to look at some existing table structure from one biggie db and see
> if it fits
See pg_attribute --- here is very simular situation, but it is larger.
Karel
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff MacDonald | 2000-05-30 14:10:24 | Re: 7.0 weirdness |
| Previous Message | Jeff MacDonald | 2000-05-30 13:46:30 | RE: 7.0 weirdness |