Robert,
* Robert Haas (robertmhaas@gmail.com) wrote:
> This is certainly true, but I also wonder what SE-PostgreSQL plans to
> do about this. Taking this to its logical exteme, the system security
> policy could change in mid-query - and while you'd like to think that
> the system would stop emitting tuples on a dime, that's probably not
> too feasible in practice. I am assuming that SE-PostgreSQL will want
> to do some kind of caching, but I wonder how one decides what to cache
> and for how long, and whether there's any mechanism for propagating
> cache invalidations.
Yes, SE-PG will be doing cacheing and this exact problem has already
been addressed (KaiGai's original SE-PG patches included cacheing,
actually). It's also not something that's unique to PG in any way.
Thanks,
Stephen