| From: | Zeugswetter Andreas SB <ZeugswetterA(at)wien(dot)spardat(dot)at> |
|---|---|
| To: | "'Karel Zak'" <zakkr(at)zf(dot)jcu(dot)cz> |
| Cc: | "'Peter Eisentraut'" <peter_e(at)gmx(dot)net>, "'PostgreSQL Development'" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | AW: AW: Proposal for enhancements of privilege system |
| Date: | 2000-05-30 13:44:11 |
| Message-ID: | 219F68D65015D011A8E000006F8590C604AF7DB6@sdexcsrv1.f000.d0188.sd.spardat.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > > > Other db's usually use a char array for priaction and don't have
> > > > priisgrantable, but code it into priaction. Or they use
> a bitfield.
> > > > This has the advantage of only producing one row per table.
> > >
> > > That's the price I'm willing to pay for abstraction,
> > > extensibility, and
> > > verifyability. But I'm open for better ideas.
> >
> > Imho this is an area that is extremly sensitive to performance,
> > the rights have to be checked for each access.
>
> Yes, but I believe that Peter's idea is good. System tables
> are used for
> each access not only for ACL, and performance problem is a problem for
> system cache not primary for privilege system.
Yes I totally agree, that the basic idea is great, all I am saying is, that
I would
1. gather more than one priviledge per table into one row (all of: select,
insert, update ...)
2. try to look at some existing table structure from one biggie db and see
if it fits
Andreas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff MacDonald | 2000-05-30 13:46:30 | RE: 7.0 weirdness |
| Previous Message | Zeugswetter Andreas SB | 2000-05-30 13:39:28 | AW: AW: Proposal for enhancements of privilege system |