Magnus,

* Magnus Hagander (mag...@hagander.net) wrote:
> On Fri, Dec 11, 2009 at 05:45, Tom Lane <t...@sss.pgh.pa.us> wrote:
> > It's been perfectly clear since day one, and was reiterated as recently
> > as today
> > http://archives.postgresql.org/message-id/4b21757e.7090...@2ndquadrant.com
> > that what the security community wants is row-level security.  The
> 
> If that is true, then shouldn't we have an implementation of row level
> security *first*, and then an implementation of selinux hooks that
> work with this row level security feature? Rather than first doing
> selinux hooks, then row level security, which will likely need new
> and/or changed hooks...

The proposal we're currently grappling with is to pull all the various
checks which are sprinkled through our code into a single area.
Clearly, if that work is done before we implement row-level security,
then the patch for row-level security will just add its checks in the
security/ area and it'd be then easily picked up by SELinux, etc.

> I'm not convinced that row level security is actually that necessary
> (though it's a nice feature, with or without selinux), but if it is,
> it seems we are approaching the problem from the wrong direction.

It has to be implemented independent of the security/SELinux/etc changes
in any case, based on what was said previously.  So I don't
particularly understand why it matters a great deal which one happens
first.  They're independently useful features, though both are not
nearly as good on their own as when they are combined.  Sorry, I just
don't see this as a "cart-before-the-horse" case.

        Thanks,

                Stephen
