Re: [v9.4] row level security

On 12/13/13 11:40 PM, Craig Ringer wrote:
> You may want to check out the updated writable security-barrier views patch.
>
> http://www.postgresql.org/message-id/52AB112B.6020403@2ndquadrant.com
>
> It may offer a path forward for the CF submission for RLS, letting us
> get rid of the var/attr fiddling that many here objected to.

With my advocacy hat on, I'd like to revisit this idea now that there's
a viable updatable security barrier view submission. I thought the most
serious showstopper feedback from the last CF's RLS submission was that
this needed to be sorted out first. Reworking KaiGai's submission to
merge against Dean's new one makes it viable again in my mind, and I'd
like to continue toward re-reviewing it as part of this CF in that
light. Admittedly it's not ideal to try and do that at the same time
the barrier view patch is being modified, but I see that as a normal CF
merge of things based on other people's submissions.

I mentioned advocacy because the budding new PostgreSQL test instances
I'm seeing now will lose a lot of momentum if we end up with no user
visible RLS features in 9.4. The pieces we have now can assemble into
something that's useful, and I don't think that goal is unreasonably far
away.

--
Greg Smith greg(dot)smith(at)crunchydatasolutions(dot)com
Chief PostgreSQL Evangelist - http://crunchydatasolutions.com/