On Fri, 2010-08-06 at 11:02 -0400, Robert Haas wrote:

> At PGCon, we discussed the possibility that a minimal SE-PostgreSQL
> implementation would need little more than a hook in
> ExecCheckRTPerms() [which we've since added] and a security label
> facility [for which KaiGai has submitted a patch]. I actually sat
> down to write the security label patch myself while we were in Ottawa,
> but quickly ran into difficulties: while the hook we have now can't do
> anything useful with objects other than relations, it's pretty clear
> from previous discussions on this topic that the demand for labels on
> other kinds of objects is not going to go away. Rather than adding
> additional syntax to every object type in the system (some of which
> don't even have ALTER commands at present), I suggested basing the
> syntax on the existing COMMENT syntax. After some discussion[1], we
> seem to have settled on the following:
>
> SECURITY LABEL [ FOR <provider> ] ON <object class> <object name> IS
> '<label>';
I understand the concept and it seems like it might work.

Not too keen on pretending a noun is a verb. That leads to erroring.

<verb> SECURITY LABEL? verb = CREATE, ADD, ...

Can't objects have more than one label?

How will you set default security labels on objects?

Where do you define labels? Will there be a new privilege to define this? Presumably object owners would not be able to set that themselves, otherwise you could create an object, add a security label to it and then use it to see other things at that level.

--
Simon Riggs www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Training and Services

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
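As an added illustration of the proposed COMMENT-style syntax quoted above (not code from either poster), here is how the statement reads when applied to a table and to one of its columns, followed by a catalog query to confirm what was stored. It assumes the form that later shipped in PostgreSQL 9.1: a loaded label provider named selinux (the sepgsql module) and the pg_seclabel catalog; the table, column and label strings are constructed sample values.

```sql
-- Constructed sample objects; labels below are illustrative SELinux-style contexts
CREATE TABLE payroll (emp_id int, salary int);

-- Label the whole relation for the 'selinux' provider
SECURITY LABEL FOR selinux ON TABLE payroll
    IS 'system_u:object_r:sepgsql_table_t:s0';

-- Label a single column; objsubid in pg_seclabel records the attribute number
SECURITY LABEL FOR selinux ON COLUMN payroll.salary
    IS 'system_u:object_r:sepgsql_table_t:s0';

-- Verify: one row per (object, subobject, provider) pair,
-- mirroring pg_description for COMMENT
SELECT s.classoid::regclass AS catalog,
       s.objoid::regclass   AS relation,
       s.objsubid,
       s.provider,
       s.label
FROM pg_seclabel s
WHERE s.objoid = 'payroll'::regclass
ORDER BY s.objsubid;

-- Setting the label to NULL removes the row, again as with COMMENT
SECURITY LABEL FOR selinux ON COLUMN payroll.salary IS NULL;
```

Without a provider loaded (e.g. sepgsql in shared_preload_libraries) the SECURITY LABEL statement is rejected, which is the mechanism by which the provider, not the object owner alone, decides whether a relabel is permitted.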