> The low-privilege user isn't elevating the label. If the tuple was > visible by multiple labels it was already elevated. All I am suggesting > is the system remove the one it can see, leaving the other ones intact. > This makes the row appear to be deleted by the lower privileged user, > whereas in fact it was merely updated. There need not be any ordering to > the labels for this scheme to work.
I see. That seems like it makes sense, but what about the update case? ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
