Josh Berkus wrote:
> KaiGai,
>> It provides database users fine grained mandatory access control
>> including row and column level one, and integration with operating
>> system security policy.
> Column level?  We don't currently support that, except through VIEWs.
> How is it implemented?

PGACE provides a hook just after query rewriting phase.
SE-PostgreSQL walks on the query tree to check any required references
onto columns, as the implementation of the hook.
If a client does not have enough permissions onto the column,
SE-PostgreSQL abort the current transaction via ereport().


---------------------------(end of broadcast)---------------------------
TIP 7: You can help support the PostgreSQL project by donating at


Reply via email to