From: | Josh Berkus <josh(at)agliodbs(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org, glenn(dot)faden(at)sun(dot)com, james(dot)hughes(at)sun(dot)com |
Subject: | Re: [RFC] PostgreSQL Access Control Extension (PGACE) |
Date: | 2007-04-17 23:24:57 |
Message-ID: | 46255749.1090507@agliodbs.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tom, Andrew, KaiGai,
> "Andrew Dunstan" <andrew(at)dunslane(dot)net> writes:
>> What's more, we have a SoC project for column level access controls.
I don't see the SE stuff as a replacement for that, since it apparently
exists outside the standard SQL security model.
> ... which presumably wouldn't involve any added dependency on outside code.
> For people who are already using SELinux or Trusted Solaris, making the
> database dependent on that infrastructure might be seen as a plus, but
> I'm not sure the rest of the world would be pleased.
Yes, I was thinking that this should be a compile-time option with a lot
of warnings in the Docs.
Give the team some credit, though; they've managed to come up with a
system that integrates OS-level ACLs for both SElinux and TxSol, are not
asking us to incorporate two different sets, and are coming to us with a
serious proposal that has a lot of work behind it. Please don't blow
them off like they were undergrads submitting a semester project. If
they need to come back after 8.3 beta so we can properly pay attention
to the proposal, then say so.
There are also
> some interesting questions about SQL spec compliance and whether a
> database that silently hides some rows from you will give semantically
> consistent results.
Yeah -- that's a potentially serious issue; KaiGai, have you looked into it?
--Josh Berkus
From | Date | Subject | |
---|---|---|---|
Next Message | Stephan Szabo | 2007-04-17 23:27:06 | Re: Can't ri_KeysEqual() consider two nulls as equal? |
Previous Message | Josh Berkus | 2007-04-17 23:16:08 | Re: SoC Students/Projects selected |