KaiGai,
* KaiGai Kohei (kaigai@kaigai.gr.jp) wrote:
> However, it requires the plugin modules need to know everything;
> such as what is visible/invisible. It seems to me too closely-
> coupled interface.
I agree with Robert on this one. We're not trying to design a wholly
independent security module system for any project to pick up and use
here. We're discussing hooks to go into PostgreSQL to support a
PostgreSQL security module. In other words, I don't think we need to
worry over if the PG-SELinux security module could be re-used for
another project or is too "PG specific". If it's *not* very PG
specific then something is wrong.
The issues we're talking about with regard to MVCC, visibility, etc,
would all be applicable to any serious database anyway.
Thanks,
Stephen