Re: security label support, part.2

* Kevin Grittner (Kevin(dot)Grittner(at)wicourts(dot)gov) wrote:
> Many of the features KaiGai has discussed would fit nicely with
> court requirements -- and might even be prerequisites for
> considering moving security to the database level. Mandating
> identical security for all tables in a hierarchy would be a problem.

What you're describing isn't how inheiritance used to work in PG anyway,
so it's not really like we've made things worse. What used to happen is
that if your query against the parent table happened to hit a table you
didn't have access to, it'd fail outright with a permissions error, not
just skip over the things you didn't have access to. That certainly
wasn't ideal.

I think what you're really looking for is RLS (Row-Level Security),
which I think we would want to implement independently of the
inheiritance system (though it'd have to work with it, of course).
That's certainly something that I think would be great to have in PG and
would ideally be something which would address both of your "sometimes
everything is public except rows which look like X" and "all of these
types are non-public" situations.

I don't believe it's something that could be addressed *only* by
inheiritance though, in any case.

Thanks,

Stephen