KaiGai Kohei wrote:
Might want to change the option name --enable-selinux to something
like --security-context.
In general, we might want to not name things selinux_* but instead
sepostgresql_* or security_* or security_context_*. Or maybe PGACE?
The pgace_* scheme is an attractive idea, although the server process
has to provide a bit more hints (like the name of security system column
and the kind of objects exported with security attribute) pg_dump to
support various kind of security features with smallest implementation.
It might not be necessary to provide all the hints pg_dump to make queries.
The minimum required information is which security feature is running on
the server process, or nothing. And, pg_dump can add a security system
column within its queries to get security attribute, if required.
Now, I'm considering to add pgaceDumpSOMETHING() functions within pg_dump
for better modularity. What do you think?
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
