Re: 8.4 release planning

Поиск
Список
Период
Сортировка
От Ron Mayer
Тема Re: 8.4 release planning
Дата
Msg-id 497F65A6.3070606@cheapcomplexdevices.com
обсуждение исходный текст
Ответ на Re: 8.4 release planning  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: 8.4 release planning  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-hackers
Tom Lane wrote:
>> We do not consider that a short coming, anyone who needs to hide
>> existence of files needs to set up their directory structure to
>> disallow read/search/create on the directories they aren't allowed to
>> discover filenames in.
> 
> This seems to me to be exactly parallel to deciding that SELinux should
> control only table/column permissions within SQL; an approach that would
> be enormously less controversial, less expensive, and more reliable than
> what SEPostgres tries to do.

With the table/column approach, could users who needed some row-level
capabilities work around this easily by setting table-level access
control on partitions?

In some ways that seems like it'd be easier to manage as well.




В списке pgsql-hackers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: 8.4 release planning
Следующее
От: Stephen Frost
Дата:
Сообщение: Re: 8.4 release planning