Skip site navigation (1) Skip section navigation (2)

Re: sepgsql contrib module

From: Simon Riggs <simon(at)2ndQuadrant(dot)com>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PgHacker <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: sepgsql contrib module
Date: 2010-12-27 08:53:06
Message-ID: 1293439986.1193.61952.camel@ebony (view raw or flat)
Thread:
Lists: pgsql-hackers
On Fri, 2010-12-24 at 11:53 +0900, KaiGai Kohei wrote:

> The attached patch is the modular version of SE-PostgreSQL.

Looks interesting.

Couple of thoughts...

Docs don't mention row-level security. If we don't have it, I think we
should say that clearly.

I think we need a "Guide to Security Labels" section in the docs. Very
soon, because its hard to know what is being delivered and what is not.

Is the pg_seclabel table secure? Looks like the labels will be available
to read.

How do we tell if sepgsql is installed?

What happens if someone alters the configuration so that the sepgsql
plugin is no longer installed. Does the hidden data become visible?

Thanks

-- 
 Simon Riggs           http://www.2ndQuadrant.com/books/
 PostgreSQL Development, 24x7 Support, Training and Services
 


In response to

Responses

pgsql-hackers by date

Next:From: Simon RiggsDate: 2010-12-27 08:58:36
Subject: Re: Why is sorting on two columns so slower thansortingon one column?
Previous:From: Simon RiggsDate: 2010-12-27 08:32:21
Subject: Re: Streaming replication as a separate permissions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group