Robert Haas wrote:
> On Wed, Jan 28, 2009 at 9:27 PM, Stephen Frost <sfrost@snowman.net> wrote:
>> Robert,
>>
>> * Robert Haas (robertmhaas@gmail.com) wrote:
>>> pg_security (which I really think out to be renamed to
>>> pg_selinux_context or something, and make a new table if we someday
>>> support Trusted Solaris or whatever).
>> Err, this doesn't really make sense if we're doing row-level security,
>> that's not something which is tied to SELinux or Trusted Solaris. Of
>> course, it's likely we'll need such a pg_selinux_context table or
>> something too.. Or maybe pg_security can be pg_rls instead. Just
>> wanted to avoid confusion over this point.. Assuming Peter's approach
>> is the path that is generally agreed upon by core..
>
> I don't think there's anything about pg_security that is specific to
> row-level security.
Yes, SELinux requires any objects (not only tuples) to be labeled.
The pg_security is also necessary for tables/columns/...
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>
