On 2014-03-13 10:24:09 -0400, Tom Lane wrote:
> Andres Freund <andres@2ndquadrant.com> writes:
> > But security labels are a nice idea, will think about it. AFAICs there's
> > no builtin subdivision within the label for one provider which is a bit
> > of a shame but solvable. The biggest issue I see is that it essentially
> > seems to require that the provider is in
> > {shared,local}_preload_libraries? You can't restore into a server
> > otherwise afaics?
>
> Well, if you want to validate the settings then you pretty much have to
> require that in some form.
If there were a CREATE SECURITY LABEL PROVIDER or something, with the
catalog pointing to a validator function, we wouldn't necessarily...
Greetings,
Andres Freund
-- Andres Freund http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training &
Services