| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Gregory Stark <stark(at)enterprisedb(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Joshua Brindle <method(at)manicmethod(dot)com>, Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Bernd Helmle <mailings(at)oopsware(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: 8.4 release planning |
| Date: | 2009-01-27 17:41:36 |
| Message-ID: | 20090127174136.GN8123@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Gregory Stark (stark(at)enterprisedb(dot)com) wrote:
> It does seem weird to simply omit records rather than throw an error and
> require the user to use a where clause, even if it's something like WHERE
> pg_accessible(tab).
It is weird from an SQL perspective, I agree with you there. On the
other hand, it's what the security community is looking for, and is
what's implemented by other databases (Oracle, SQL Server...) that
do row-level security and security labels. Requiring a where clause
or you throw an error would certainly make porting applications that
depend on that mechanism somewhat difficult, and doesn't really seem
like it'd gain you all that much...
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2009-01-27 17:41:46 | Re: 8.4 release planning |
| Previous Message | Teodor Sigaev | 2009-01-27 17:40:48 | Re: gin fast insert performance |