I don't oppose to elimination of "--disable-row-acl" options, however,
it is not clear for me whether it should be unavoidable selection in
the future, or not.
Look at the existing configure options; we don't remove features via
configure unless it is for some platform-specific reason. Please remove
the configure option and make it always enabled.
OK, I'll update it in the next patch set.
I assume that could just be always enabled.
It is not "always" enabled. When we build it with SE-PostgreSQL feature,
rest of enhanced security features (includes the row-level ACL) are
disabled automatically, as we discussed before.
Oh. Is that because we use SE-Linux row-level security when
SE-PostgreSQL is enabled? I guess that makes sense.
Yes, when SE-PostgreSQL is enabled, it provides row-level security,
and the per-tuple security field is used to show its security context.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
