| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Andrew Dunstan" <andrew(at)dunslane(dot)net> |
| Cc: | "Josh Berkus" <josh(at)agliodbs(dot)com>, "KaiGai Kohei" <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org, glenn(dot)faden(at)sun(dot)com, james(dot)hughes(at)sun(dot)com |
| Subject: | Re: [RFC] PostgreSQL Access Control Extension (PGACE) |
| Date: | 2007-04-16 23:29:24 |
| Message-ID: | 12044.1176766164@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Andrew Dunstan" <andrew(at)dunslane(dot)net> writes:
> What's more, we have a SoC project for column level access controls.
... which presumably wouldn't involve any added dependency on outside code.
For people who are already using SELinux or Trusted Solaris, making the
database dependent on that infrastructure might be seen as a plus, but
I'm not sure the rest of the world would be pleased. There are also
some interesting questions about SQL spec compliance and whether a
database that silently hides some rows from you will give semantically
consistent results.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Florian Pflug | 2007-04-17 00:10:30 | Re: RESET command seems pretty disjointed now |
| Previous Message | Tom Lane | 2007-04-16 23:25:28 | Re: [RFC] PostgreSQL Access Control Extension (PGACE) |