Re: How to get SE-PostgreSQL acceptable - Mailing list pgsql-hackers

From KaiGai Kohei
Subject Re: How to get SE-PostgreSQL acceptable
Date
Msg-id 49812C52.8090400@ak.jp.nec.com
Whole thread Raw
In response to Re: How to get SE-PostgreSQL acceptable  (Robert Haas <robertmhaas@gmail.com>)
List pgsql-hackers
Robert Haas wrote:
> On Wed, Jan 28, 2009 at 10:15 PM, KaiGai Kohei <kaigai@ak.jp.nec.com> wrote:
>> It seems to me reference-counter is more preferable than boolean,
>> at least. But it makes performance pain on writer access when it
>> is expanded to row-level security.
> 
> A reference counter will never work. You could easily end up
> serializing all access to the database around the row-level lock on
> one popular security context.  That is a performance problem two or
> three orders of magnitude worse than anything that has been suggested
> so far in connection with this feature, and probably six orders of
> magnitude worse than the problem you're trying to solve (pg_security,
> or whatever we want to call it, getting too big).

Yes, I don't think it is a good approach also.
Just I though it was relatively preferable than boolean.

> For the record, I think Tom's concern in this area is largely
> off-base, especially in light of the fact that Joshua Brindle and
> Kaigai both agree that churn is not likely to be large.  I think we
> need some kind of plausible way to clean out the table, but I don't
> think it needs to be fully automated or super-efficient, just
> something that someone could do if they felt the need.

If pg_security is actually overflowed or makes compress storages
by unused ones, I recommend to stop the system and run a utility
to reclaim them. But I don't think it actually happen.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>


pgsql-hackers by date:

Previous
From: Stephen Frost
Date:
Subject: Re: Column-Level Privileges
Next
From: Bruce Momjian
Date:
Subject: Re: pg_upgrade project status