Home > mailing lists

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

From	KaiGai Kohei
Subject	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
Date	December 8, 2008 17:33:32
Msg-id	493D686D.7080305@kaigai.gr.jp Whole thread Raw
In response to	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Simon Riggs <simon@2ndQuadrant.com>)
List	pgsql-hackers

Tree view

Tom Lane wrote:
> KaiGai Kohei <kaigai@ak.jp.nec.com> writes:
>> Bruce Momjian wrote:
>>> I assume that could just be always enabled.
> 
>> It is not "always" enabled. When we build it with SE-PostgreSQL feature,
>> rest of enhanced security features (includes the row-level ACL) are
>> disabled automatically, as we discussed before.
> 
> It seems like a pretty awful idea to have enabling sepostgres take away
> a feature that exists in the default build.

Why?

The PGACE security framework allows one or no enhanced security
mechanism at most. It is quite natural that the default selection
is overrided when an alternative option is chosen explicitly.

Thanks,
-- 
KaiGai Kohei <kaigai@kaigai.gr.jp>

pgsql-hackers by date:

From: Tom Lane
Date: 08 December 2008, 17:15:37
Subject: Re: cvs head initdb hangs on unixware

From: "Pavel Stehule"
Date: 08 December 2008, 17:44:48
Subject: Re: new vacuum is slower for small tables

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

Previous

Next