Skip site navigation (1) Skip section navigation (2)

Re: How to get SE-PostgreSQL acceptable

From: "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: How to get SE-PostgreSQL acceptable
Date: 2009-01-29 05:55:36
Message-ID: 36e682920901282155x51ccc9afkb0e286bd0e99bdd2@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
On Wed, Jan 28, 2009 at 9:49 PM, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> wrote:

> IIRC, 0racle or M$ has a patent to rewrite WHERE clause for security
> purpose, so Tom suggested it should be implemented using a hook
> deployed within executor.


Yes, it was Oracle.  There are a couple newer revisions, but they're all
based primarily on Patent #6487552, Database Fine-grained Access Control,
Filed Oct 5, 1998/Issued Nov 26, 2002.  The patent covers defining a
security context, retrieving-defined policies from that context, and
applying those policies by directly calling a security-context-related
stored procedure in the WHERE clause as well as dynamically adding
security-related predicates to the WHERE-clause.

-- 
Jonah H. Harris, Senior DBA
myYearbook.com

In response to

pgsql-hackers by date

Next:From: Sushant SinhaDate: 2009-01-29 06:07:32
Subject: possible bug in cover density ranking?
Previous:From: KaiGai KoheiDate: 2009-01-29 05:46:38
Subject: Re: How to get SE-PostgreSQL acceptable

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group