Just interesting if we could inplement some kind of RBAC (role based access control). Here is the reference: http://csrc.nist.gov/rbac/
We've used a lot simple (flat) RBAC built on top of postgresql, but would like to see more powerful (with roles hierarchy) rbac built-in. Oleg On Sat, 7 Jun 2003, Tom Lane wrote: > Peter Eisentraut <[EMAIL PROTECTED]> writes: > > ... Therefore I ask whether everyone agrees > > that groups and roles are basically equivalent concepts (and perhaps that > > we might in the future strive to make groups more compatible with the > > roles as defined in the SQL standard). Or does anyone see that roles > > might be implemented separately from groups sometime? > > Just reading section 4.31.3 of the SQL99 draft, it seems that roles are > pretty much interchangeable with groups, except that a role can be a > member of another role while we don't presently allow groups to be > members of other groups. > > So it seems that your question breaks down to: > > 1. Do we want to someday allow groups to have groups as members? (Seems > reasonable to me.) > > 2. Are there any other differences between groups and roles? (I'm not > sure about this one.) > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 2: you can get off all lists at once with the unregister command > (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED]) > Regards, Oleg _____________________________________________________________ Oleg Bartunov, sci.researcher, hostmaster of AstroNet, Sternberg Astronomical Institute, Moscow University (Russia) Internet: [EMAIL PROTECTED], http://www.sai.msu.su/~megera/ phone: +007(095)939-16-83, +007(095)939-23-83 ---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives? http://archives.postgresql.org