On 09/18/2015 01:07 AM, Noah Misch wrote: > Great. Robert, does that work for you, too? If so, this sub-thread is > looking at three patches: > > 1. remove row_security=force > 2. remove SECURITY_ROW_LEVEL_DISABLED; make ri_triggers.c subject to policies > 3. add DDL-controlled, per-table policy forcing > > They ought to land in that order. PostgreSQL 9.5 would need at least (1) and > (2); would RLS experts find it beneficial for me to take care of those?
That would be awesome, but I would say that if we do #1 & 2 for 9.5, we also need #3. Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
signature.asc
Description: OpenPGP digital signature