>> Why an OID? We store acl items now without a lookup table; I think
>> there will be at most the same number of SE-Linux entries. Also, by
>> using text we avoid the problem of cleaning out unreferenced pg_security
>> rows, improve performance (no lookups), and simplify the code.
>
> In addition, it also has performance gain.
> The current architecture does not need to look up pg_security in most
> cases. SE-PostgreSQL caches results of access controls in userspace
I think this is a very compelling point.
...Robert