On Wed, Jul 2, 2014 at 5:19 AM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On 1 July 2014 18:32, Stephen Frost <sfrost@snowman.net> wrote:
>> Having functions to control the auditing would work, but it's not
>> exactly the ideal approach, imv, and
>
> What aspect is less than ideal?
>
>> the only reason it's being
>> discussed here is because it might be a way to allow an extension to
>> provide the auditing- not because it's actually a benefit to anyone.
>
> That is a false statement, as well as being a personal one. It's sad
> to hear personal comments in this.
I am not sure that it was personal, but I agree it's false.
> Auditing should, in my view, always be
> optional, since not everyone needs it. Cryptographic functions aren't
> in-core either and I'm guessing various security conscious
> organizations will use them and be happy. How does pgaudit differ from
> pgcrypto?
+1.
> Given the tone of this discussion, I don't see it going anywhere
> further anytime soon - that is good since there is no big rush.
> pgaudit is a sincere attempt to add audit functionality to Postgres.
> If you or anyone else wants to make a similarly sincere attempt to add
> audit functionality to Postgres, lets see the design and its
> connection to requirements.
Agreed all around.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company