Magnus,

* Magnus Hagander (mag...@hagander.net) wrote:
> On Fri, Dec 11, 2009 at 05:45, Tom Lane <t...@sss.pgh.pa.us> wrote:
> > It's been perfectly clear since day one, and was reiterated as recently
> > as today
> > http://archives.postgresql.org/message-id/4b21757e.7090...@2ndquadrant.com
> > that what the security community wants is row-level security. The
>
> If that is true, then shouldn't we have an implementation of row level
> security *first*, and then an implementation of selinux hooks that
> work with this row level security feature? Rather than first doing
> selinux hooks, then row level security, which will likely need new
> and/or changed hooks...

The proposal we're currently grappling with is to pull all the various
checks which are sprinkled through our code into a single area. Clearly,
if that work is done before we implement row-level security, then the
patch for row-level security will just add its checks in the security/
area and it'd be then easily picked up by SELinux, etc.

> I'm not convinced that row level security is actually that necessary
> (though it's a nice feature, with or without selinux), but if it is,
> it seems we are approaching the problem from the wrong direction.

It has to be implemented independent of the security/SELinux/etc changes
in any case, based on what was said previously. So I don't particularly
understand why it matters a great deal which one happens first. They're
independently useful features, though both are not nearly as good on
their own as when they are combined. Sorry, I just don't see this as a
"cart-before-the-horse" case.

Thanks,

Stephen