>>> Tom Lane <t...@sss.pgh.pa.us> wrote: > "Kevin Grittner" <kevin.gritt...@wicourts.gov> writes: >> Gregory Stark <st...@enterprisedb.com> wrote: >>> And it doesn't accomplish anything since the covert >>> channels it attempts to address are still open. > >> Hyperbole. We're not very likely to go the SE-* route, but I can say >> that we've got some of the issues it addresses, and it is a very >> different thing for someone to know, for example, that there is a >> paternity case 2009PA000023 in a county, and for them to know what the >> case caption is (which includes the names). > > Which is something you could implement with standard SQL column > permissions; and could *not* implement with row-level access > permissions. Row-level is all or nothing for each row. Well, 99% of the cases are a matter of public record and we *do* have to show case caption. It's not the caption column in general which must be hidden, nor the fact that a row with that primary key exists, but the *contents* of certain rows. We can identify those based on case type, and a class code which is essentially a finer-grained categorization of cases, and limit who can see what based on permissions tables we maintain. We do that in the application, but I can certainly understand and sympathize with those who want to control that at the level allowed by SE-* technology. -Kevin
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
