Tom Lane wrote:
> Gregory Stark <stark(at)enterprisedb(dot)com> writes:
> > I don't think partitioning is really the same thing as row-level
> > security.
> Of course not, but it seems to me that it can be used to accomplish most
> of the same practical use-cases. The main gripe about doing it via
> partitioning is that the user's nose gets rubbed in the fact that there
> can't be an enormous number of different security classifications in the
> same table (since he has to explicitly make a partition for each one).
> But the proposed implementation of row-level security would poop out
> pretty darn quick for such a case, too, and frankly I'm not seeing an
> application that would demand it.
OK, putting on my crazy idea hat, if we split the primary and foreign
keys by partition, it would give us polyinstantiation:
because our unique indexes do not apply across partitions.
Polyinstantiation is a desirable security feature and one that would be
tough to implement without partitions.
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
+ If your life is a hard drive, Christ can be your backup. +
In response to
pgsql-hackers by date
|Next:||From: Bruce Momjian||Date: 2009-01-29 05:19:30|
|Subject: Re: How to get SE-PostgreSQL acceptable|
|Previous:||From: Robert Haas||Date: 2009-01-29 04:42:11|
|Subject: Re: 8.4 release planning|