* Joshua Brindle (method@manicmethod.com) wrote:
> They are separate. If you look at the patches you'll see a pgace part,
> this is where the core interfaces to the security backends, and you'll
> see a rowacl backend and an sepgsql backend.
Right, guess it wasn't clear to me that the PGACE bits for row-level
access control could be used independently of SELinux (and maybe even on
systems that don't have SELinux..?).
> Personally I'd like to see all of the access control moved out to use
> pgace, including the standard DAC permissions but I doubt that would
> never happen.
Yeah... That's a whole 'nother discussion.
Stephen