| From: | Casey Allen Shobe <casey(at)shobe(dot)info> |
|---|---|
| To: | David Fetter <david(at)fetter(dot)org> |
| Cc: | "Roberts, Jon" <Jon(dot)Roberts(at)asurion(dot)com>, Blazej <bl(dot)oleszkiewicz(at)gmail(dot)com>, 0123 zyxw <0123zyxw(at)gmail(dot)com>, Kevin Hunter <hunteke(at)earlham(dot)edu>, mailtoyahoo(at)gmail(dot)com, Postgres General List <pgsql-general(at)postgresql(dot)org>, Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com> |
| Subject: | Re: Oracle and Postgresql |
| Date: | 2008-09-24 20:13:01 |
| Message-ID: | B3357D09-D808-4BD3-BBBF-D1E6B0CE9ACD@shobe.info |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-www |
On Sep 15, 2008, at 6:58 AM, David Fetter wrote:
>> Roles,
>
> We have 'em.
We do NOT have secure application roles or anywhere near the level of
configurability in security aspects as Oracle. We've got a great
foundation, but we lack a lot of fine-grained granularity (e.g. an
Oracle SAR can allow a role to execute a particular function based on
the result of another function call or query, which has rather a lot
of possibilities - consider grant connect on database to staff when
hour_of_day () between 9 and 6; also consider row-level and column-
level and even field-level access controls).
It's complicated in Oracle, but there's a lot of possibilities there
that we simply cannot reproduce. But this could be extended one day. :)
Cheers,
--
Casey Allen Shobe
Database Architect, The Berkeley Electronic Press
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Asko Oja | 2008-09-24 20:13:38 | Re: Slony vs Longiste |
| Previous Message | Jason Long | 2008-09-24 20:10:10 | Re: Slony vs Longiste |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Ribe | 2008-09-25 01:12:40 | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |
| Previous Message | Tom Lane | 2008-09-24 20:08:25 | Re: Obfuscated stored procedures (was Re: Oracle and Postgresql) |