Just interesting if we could inplement some kind of RBAC
(role based access control). Here is the reference:
http://csrc.nist.gov/rbac/
We've used a lot simple (flat) RBAC built on top of postgresql, but
would like to see more powerful (with roles hierarchy) rbac built-in.
Oleg
On Sat, 7 Jun 2003, Tom Lane wrote:
> Peter Eisentraut <[EMAIL PROTECTED]> writes:
> > ... Therefore I ask whether everyone agrees
> > that groups and roles are basically equivalent concepts (and perhaps that
> > we might in the future strive to make groups more compatible with the
> > roles as defined in the SQL standard). Or does anyone see that roles
> > might be implemented separately from groups sometime?
>
> Just reading section 4.31.3 of the SQL99 draft, it seems that roles are
> pretty much interchangeable with groups, except that a role can be a
> member of another role while we don't presently allow groups to be
> members of other groups.
>
> So it seems that your question breaks down to:
>
> 1. Do we want to someday allow groups to have groups as members? (Seems
> reasonable to me.)
>
> 2. Are there any other differences between groups and roles? (I'm not
> sure about this one.)
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
>
Regards,
Oleg
_____________________________________________________________
Oleg Bartunov, sci.researcher, hostmaster of AstroNet,
Sternberg Astronomical Institute, Moscow University (Russia)
Internet: [EMAIL PROTECTED], http://www.sai.msu.su/~megera/
phone: +007(095)939-16-83, +007(095)939-23-83
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
