[HACKERS] [RFC] Security label support

2010-05-27 Thread KaiGai Kohei
As we talked at the developer meeting in Ottawa, it needs to provide a capability to assign a short text identifier on database objects to support label based ESP (such as SELinux). So, I'd like to propose a few approaches to support security label as a draft of discussion. An example of label:

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Stephen Frost
KaiGai, * KaiGai Kohei (kai...@ak.jp.nec.com) wrote: As we talked at the developer meeting in Ottawa, it needs to provide a capability to assign a short text identifier on database objects to support label based ESP (such as SELinux). So, I'd like to propose a few approaches to support

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Tom Lane
Stephen Frost sfr...@snowman.net writes: We also add a dependency between the labeled object and the security label itself. It also enables to clean up orphan labels automatically, without any new invention. I agree that we need to address this. I am kind of curious how this is handled for

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Stephen Frost
* Tom Lane (t...@sss.pgh.pa.us) wrote: Stephen Frost sfr...@snowman.net writes: I agree that we need to address this. I am kind of curious how this is handled for comments? It appears to be, but I don't see an entry in pg_depend when a comment is added to an object, yet the entry in

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Tom Lane
Stephen Frost sfr...@snowman.net writes: * Tom Lane (t...@sss.pgh.pa.us) wrote: I'm not real sure that you want a dependency for a security label anyway --- wouldn't that mean each label could only be used for one object? Err, your question comes across to me like if you added comments to

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Robert Haas
On Thu, May 27, 2010 at 4:01 PM, Tom Lane t...@sss.pgh.pa.us wrote: Stephen Frost sfr...@snowman.net writes: * Tom Lane (t...@sss.pgh.pa.us) wrote: I'm not real sure that you want a dependency for a security label anyway --- wouldn't that mean each label could only be used for one object?

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread Stephen Frost
* Tom Lane (t...@sss.pgh.pa.us) wrote: Stephen Frost sfr...@snowman.net writes: Err, your question comes across to me like if you added comments to pg_depend, you'd only be able to use a given comment X for one object?. Doesn't make a lot of sense. :) Well, one of us is confused. I

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread KaiGai Kohei
(2010/05/28 4:12), Stephen Frost wrote: KaiGai, * KaiGai Kohei (kai...@ak.jp.nec.com) wrote: As we talked at the developer meeting in Ottawa, it needs to provide a capability to assign a short text identifier on database objects to support label based ESP (such as SELinux). So, I'd like to

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread KaiGai Kohei
(2010/05/28 5:11), Robert Haas wrote: On Thu, May 27, 2010 at 4:01 PM, Tom Lane t...@sss.pgh.pa.us wrote: Stephen Frost sfr...@snowman.net writes: * Tom Lane (t...@sss.pgh.pa.us) wrote: I'm not real sure that you want a dependency for a security label anyway --- wouldn't that mean each label

Re: [HACKERS] [RFC] Security label support

2010-05-27 Thread KaiGai Kohei
(2010/05/28 5:25), Stephen Frost wrote: * Tom Lane (t...@sss.pgh.pa.us) wrote: Stephen Frost sfr...@snowman.net writes: Err, your question comes across to me like if you added comments to pg_depend, you'd only be able to use a given comment X for one object?. Doesn't make a lot of sense. :)