On Sat, 2008-11-15 at 00:58 +0900, KaiGai Kohei wrote: > Sorry, it seems to me you misunderstand something.
Yep, seems so. Thank goodness for that. Thanks for putting me straight. > > I would also like to see the feature part of normal Postgres, rather > > than as a compile time option. The per-row overhead would then be > > optional, just as WITH OIDS is optional. This would allow many > > applications to take advantage of row level security, without the need > > for switching to a different executable and without the need to enable > > it for every table. For high security applications, default_row_security > > = on would obviously be a requirement. With a single executable on all > > distros we will have more robust software and it will be easier to > > configure and use. > > An issue is who can enable or disable the row-level security option. > If the owner of table can do it discretionary, we don't call it a > "mandatory" access control feature. It seems fairly easy to do that with a GUC, or at least an option on CREATE DATABASE, with no equivalent ALTER DATABASE option. Once created with security, a table would not be able to turn off security. So nobody would be able to turn off security for existing data. -- Simon Riggs www.2ndQuadrant.com PostgreSQL Training, Services and Support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
