Skip site navigation (1) Skip section navigation (2)

Row-Level Security

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Row-Level Security
Date: 2009-12-12 20:30:03
Message-ID: 20091212203003.GL17756@tamriel.snowman.net (view raw or flat)
Thread:
Lists: pgsql-hackers
Greetings,

> I'll start a new thread on this specific topic to hopefully pull out
> anyone who's focus is more on that than on SEPG.

Row-Level security has been implemented in a number of existing
commercial databases.  There exists an implementation of row-level
security for PostgreSQL today in the form of SEPostgres.
I believe there is a signfigant user base who would like RLS without
SELinux (or perhaps with some other security manager).  As it is a
useful feature indepenent of SELinux, it should be implemented in a way
which doesn't depend on SELinux in any way.

I've started a wiki page to discuss this here:
http://wiki.postgresql.org/wiki/RLS

I'd like to start a discussion about RLS for PG- design, user-interface,
syntax, capabilities, on-disk format changes, etc.  For starters, I
think we shoud review the existing RLS implementations.  To that end,
I've added a number of articles about them to the wiki.  I think the
next step is to start summarizing how those operate and important
similarities and differences between them.  Our goal, of course, is to
take the best of what's out there.

Please comment, update the wiki, let us know you're interested in this.. 

	Thanks!

		Stephen

Responses

pgsql-hackers by date

Next:From: Michael ClemmonsDate: 2009-12-12 20:36:27
Subject: Re: 8.4.1 ubuntu karmic slow createdb
Previous:From: Magnus HaganderDate: 2009-12-12 20:24:23
Subject: Re: Winflex

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group