Robert Haas wrote:
On Sat, Jul 25, 2009 at 11:27 PM, KaiGai Kohei<kai...@kaigai.gr.jp> wrote:
| Access control is conceptually to decide a set of allowed (or denied)
| actions between a certain subject (such as a database client) and an
| object (such as a table), and to apply the decision on user's requests.
| At the database privilege system, ACL stored in database objects itself
| holds a list of allowed actions to certain database roles, and it is
| applied on the user's request.
| SELinux also holds massive sets of allowed actions between a certain
| subject and a certain object, we call them security policy.
Is it obscure?
It's obscure to me. :-)
I think you need to define security policy more precisely and give at
least one or two examples of security policy entries.
OK, I'll try to define it more precisely and introduce a few examples
in the documents.
Thanks,
--
KaiGai Kohei <kai...@kaigai.gr.jp>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
