Tom Lane wrote: > KaiGai Kohei <[EMAIL PROTECTED]> writes: >> Bruce Momjian wrote: >>> I assume that could just be always enabled. > >> It is not "always" enabled. When we build it with SE-PostgreSQL feature, >> rest of enhanced security features (includes the row-level ACL) are >> disabled automatically, as we discussed before. > > It seems like a pretty awful idea to have enabling sepostgres take away > a feature that exists in the default build.
Why? The PGACE security framework allows one or no enhanced security mechanism at most. It is quite natural that the default selection is overrided when an alternative option is chosen explicitly. Thanks, -- KaiGai Kohei <[EMAIL PROTECTED]> -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
