Tom, Andrew, KaiGai,

"Andrew Dunstan" <[EMAIL PROTECTED]> writes:
What's more, we have a SoC project for column level access controls.


I don't see the SE stuff as a replacement for that, since it apparently exists outside the standard SQL security model.

... which presumably wouldn't involve any added dependency on outside code.
For people who are already using SELinux or Trusted Solaris, making the
database dependent on that infrastructure might be seen as a plus, but
I'm not sure the rest of the world would be pleased.

Yes, I was thinking that this should be a compile-time option with a lot of warnings in the Docs.

Give the team some credit, though; they've managed to come up with a system that integrates OS-level ACLs for both SElinux and TxSol, are not asking us to incorporate two different sets, and are coming to us with a serious proposal that has a lot of work behind it. Please don't blow them off like they were undergrads submitting a semester project. If they need to come back after 8.3 beta so we can properly pay attention to the proposal, then say so.

There are also
some interesting questions about SQL spec compliance and whether a
database that silently hides some rows from you will give semantically
consistent results.

Yeah -- that's a potentially serious issue; KaiGai, have you looked into it?

--Josh Berkus


---------------------------(end of broadcast)---------------------------
TIP 7: You can help support the PostgreSQL project by donating at

               http://www.postgresql.org/about/donate

Reply via email to