Bruce Momjian wrote:
KaiGai Kohei wrote:
If we use some type of integer, I suggest using this structure for
pg_security:
CREATE TABLE pg_security(
relid oid,
secid int2,
secacl aclitem[],
secext TEXT
);
This allows the per-row value to be a simple int2. It also improves
maintenance because rows are associated only with a specific table;
unused values can then be removed more easily. And it allows both
secacl and secext security to be specified.
How does the approach resolve the pain of user interface?
I don't think packing two or more values into one field is not a right way.
I see later emails that say we have to have both security methods
available at the same time, and the table above does that. There would
be one security oid on every row and it would refer to this table.
I understand the voice for simultaneous support both of DAC and MAC.
If so, I strongly desire two security column and two security field
which can store its own attribute independently.
Sorry, I cannot think compounding two values into one field is
a reasonable solution.
Thanks,
--
KaiGai Kohei <kai...@kaigai.gr.jp>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
