| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Cc: | KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Subject: | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) |
| Date: | 2008-12-11 16:38:56 |
| Message-ID: | 200812111838.57436.peter_e@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thursday 11 December 2008 18:24:54 KaiGai Kohei wrote:
> Peter Eisentraut wrote:
> > On Thursday 11 December 2008 17:09:25 Tom Lane wrote:
> >> I think there should be only *one* underlying column and that it should
> >> be manipulable by either SQL commands or selinux. Otherwise you're
> >> making a lie of the primary argument for having the SQL feature at all.
> >
> > Well, an SQL-manipulated row security column will probably have a content
> > like
> >
> > {joe=rw/bob,staff=r/bob}
> >
> > An SELinux-aware row security column will probably have a content like
> >
> > blah_t:foo_t:quux_t
> >
> > And a Solaris TX-aware security column will probably have a content like
> >
> > Classified
> >
> > How can we stick all of these in the same column at the same time?
>
> To choose it on compile-time option is the most simple approach.
As mentioned before, compile-time options to choose between these variants in
a mutually exlusive manner is not acceptable.
Plus, using two of these together, or even three, is certainly useful and
reasonable in some uses.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2008-12-11 16:39:10 | Re: WIP: default values for function parameters |
| Previous Message | Peter Eisentraut | 2008-12-11 16:35:02 | Re: WIP: default values for function parameters |