| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Craig Ringer <craig(at)2ndquadrant(dot)com>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Row-security writer-side checks proposal |
| Date: | 2013-11-05 14:01:31 |
| Message-ID: | 20131105140131.GV2706@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
> Now maybe that's fine. But given that, I think it's pretty important
> that we get the syntax right. Because if you're adding a feature
> primarily to add a more convenient syntax, then the syntax had better
> actually be convenient.
I agree that we want to get the syntax correct, but also very clear as
it's security related and we don't want anyone surprised by what happens
when they use it. The idea, as has been discussed in the past, is to
then allow tying RLS in with SELinux and provide MAC.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Oskari Saarenmaa | 2013-11-05 14:05:24 | Re: [PATCH] configure: add git describe output to PG_VERSION when building a git tree |
| Previous Message | Pavel Golub | 2013-11-05 13:46:08 | exit_horribly vs exit_nicely in pg_dump |