Re: Row-security writer-side checks proposal - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: Row-security writer-side checks proposal
Date
Msg-id 20131105140131.GV2706@tamriel.snowman.net
Whole thread Raw
In response to Re: Row-security writer-side checks proposal  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Row-security writer-side checks proposal
Re: Row-security writer-side checks proposal
List pgsql-hackers
* Robert Haas (robertmhaas@gmail.com) wrote:
> Now maybe that's fine.  But given that, I think it's pretty important
> that we get the syntax right.  Because if you're adding a feature
> primarily to add a more convenient syntax, then the syntax had better
> actually be convenient.

I agree that we want to get the syntax correct, but also very clear as
it's security related and we don't want anyone surprised by what happens
when they use it.  The idea, as has been discussed in the past, is to
then allow tying RLS in with SELinux and provide MAC.
Thanks,
    Stephen

pgsql-hackers by date:

Previous
From: Pavel Golub
Date:
Subject: exit_horribly vs exit_nicely in pg_dump
Next
From: Oskari Saarenmaa
Date:
Subject: Re: [PATCH] configure: add git describe output to PG_VERSION when building a git tree