This page in other versions: 9.1 / 9.2 / 9.3 / current (9.4)

F.12. dummy_seclabel

The dummy_seclabel module exists only to support regression testing of the SECURITY LABEL statement. It is not intended to be used in production.

F.12.1. Rationale

The SECURITY LABEL statement allows the user to assign security labels to database objects; however, security labels can only be assigned when specifically allowed by a loadable module, so this module is provided to allow proper regression testing.

Security label providers intended to be used in production will typically be dependent on a platform-specific feature such as SE-Linux. This module is platform-independent, and therefore better-suited to regression testing.

F.12.2. Usage

Here's a simple example of usage:

# postgresql.conf
shared_preload_libraries = 'dummy_seclabel'
postgres=# CREATE TABLE t (a int, b text);
postgres=# SECURITY LABEL ON TABLE t IS 'classified';

The dummy_seclabel module provides only four hardcoded labels: unclassified, classified, secret, and top secret. It does not allow any other strings as security labels.

These labels are not used to enforce access controls. They are only used to check whether the SECURITY LABEL statement works as expected, or not.

Add Comment

Please use this form to add your own comments regarding your experience with particular features of PostgreSQL, clarifications of the documentation, or hints for other users. Please note, this is not a support forum, and your IP address will be logged. If you have a question or need help, please see the faq, try a mailing list, or join us on IRC. Note that submissions containing URLs or other keywords commonly found in 'spam' comments may be silently discarded. Please contact the webmaster if you think this is happening to you in error.

Proceed to the comment form.

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group