Tom Lane wrote:
> The idea of input functions that alter system tables scares me.
An example: SELECT 'system_u:object_r:sepgsql_table_t:SystemHigh'::security_label;
can insert a new tuple into pg_security, but it is not a desirable behavior.
To fix this, I'll remove security_label type and define "security_context"
system column as a text type column, and translate the contents into
an internal identifical representation just before update or insert a tuple.
It enables to avoid to insert a temporary used (unnecessary) security context,
and enables to use various kind of text functions.
Please comment it, if you have anything.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>