I updated the patch set of SE-PostgreSQL (revision 1244). [1/6] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1244.patch [2/6] http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r1244.patch [3/6] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1244.patch [4/6] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1244.patch [5/6] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1244.patch [6/6] http://sepgsql.googlecode.com/files/sepostgresql-row_acl-8.4devel-3-r1244.patch
Draft of the SE-PostgreSQL documentation is here: http://wiki.postgresql.org/wiki/SEPostgreSQL This revision contains some fixes required by some persons. (Thanks for Simon, Bruce and Tom.) List of updates: - Rebase to the latest CVS HEAD. - The fixed length security field of HeapTupleHeader becomes optimal. It enables enhanced security mechanism to control its allocation on heap_form_tuple(), and to reduce unnecessary storage consumption. The TupleDesc structure got a new variable of "tdhassecurity". When it is true, heap_form_tuple() allocates an additional field to store security identifier. The enhanced security mechanism can control value of the flag via a new hook: pgaceTupleDescHasSecurity(). - SE-PostgreSQL got a new GUC variable: "sepostgresql_row_level". When it turned off, SE-PostgreSQL does not apply its row-level access controls, and does not assign per-tuple security context. - The following two hooks are removed: * pgaceIsAllowPlannerHook() * pgaceIsAllowExecutorRunHook() And, the following hook is added * pgaceGramRelationOption() This hook gives a chance to handle relation options. - The row-level acl got two new relation options: * row_level_acl=on|off When it is tuened off, the row-level access controls are not applied, and security field is not allocated. * default_row_acl='...' It enables to specify a default for newly inserted tuples. - pg_security system catalog is added to the regression test of sanity_check. - Code cleanups related to module installation checks. Thanks, -- KaiGai Kohei <[EMAIL PROTECTED]> -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers