Home > mailing lists

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

From	KaiGai Kohei
Subject	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
Date	December 11, 2008 15:25:03
Msg-id	49413ED6.5030306@kaigai.gr.jp Whole thread Raw
In response to	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-hackers

Tree view

Peter Eisentraut wrote:
> On Thursday 11 December 2008 17:09:25 Tom Lane wrote:
>> I think there should be only *one* underlying column and that it should
>> be manipulable by either SQL commands or selinux.  Otherwise you're
>> making a lie of the primary argument for having the SQL feature at all.
> 
> Well, an SQL-manipulated row security column will probably have a content like
> 
>     {joe=rw/bob,staff=r/bob}
> 
> An SELinux-aware row security column will probably have a content like
> 
>    blah_t:foo_t:quux_t
> 
> And a Solaris TX-aware security column will probably have a content like
> 
>    Classified
> 
> How can we stick all of these in the same column at the same time?

To choose it on compile-time option is the most simple approach.

pgsql-hackers by date:

From: "Pavel Stehule"
Date: 11 December 2008, 15:21:04
Subject: Re: COCOMO & Indians

From: Peter Eisentraut
Date: 11 December 2008, 15:29:15
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

Previous

Next