On 09/18/2015 09:25 AM, Adam Brightwell wrote:
>>> 1. remove row_security=force
>>> 2. remove SECURITY_ROW_LEVEL_DISABLED; make ri_triggers.c subject to policies
>>> 3. add DDL-controlled, per-table policy forcing
>>>
>>> They ought to land in that order. PostgreSQL 9.5 would need at least (1) and
>>> (2); would RLS experts find it beneficial for me to take care of those?
>>
>> That would be awesome, but I would say that if we do #1 & 2 for 9.5, we
>> also need #3.
>
> Agreed. Please let me know if there is anything I can do to help.
Yes, same here.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development