* Gregory Stark (st...@enterprisedb.com) wrote: > It does seem weird to simply omit records rather than throw an error and > require the user to use a where clause, even if it's something like WHERE > pg_accessible(tab).
It is weird from an SQL perspective, I agree with you there. On the other hand, it's what the security community is looking for, and is what's implemented by other databases (Oracle, SQL Server...) that do row-level security and security labels. Requiring a where clause or you throw an error would certainly make porting applications that depend on that mechanism somewhat difficult, and doesn't really seem like it'd gain you all that much... Stephen
signature.asc
Description: Digital signature