On Fri, Jul 23, 2010 at 8:32 AM, Stephen Frost <sfr...@snowman.net> wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> I don't understand why we wouldn't be able to support multiple >> providers for row-level security. Why do you think that's a problem? > > My guess would be that he's concerned about only having space in the > tuple header for 1 label. I see two answers- only allow 1 provider for > a given relation (doesn't strike me as a horrible limitation), or handle > labels as extra columns where you could have more than one.
I think we've been pretty clear in previous discussions that any row-level security implementation should be a general one, and SE-Linux or whatever can integrate with that to do what it needs to do. So I'm pretty sure we'll be using regular columns rather than cramming anything into the tuple header. There are pretty substantial performance benefits to such an implementation, as well. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise Postgres Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers