KaiGai Kohei wrote:
> I found a uncertain term in your comment.
> It seems to me the "model" has two meanings in this context.
> - The way to make access control decision (allowed? or denied?).
> - The granularity of access controls (tables? columns? or tuples?).
>
What I meant by "the SEPosgreSQL model for row filtering" was the
original implementation you had, where row filtering was handled by code
specific to SEPostgreSQL, not something generic enough to be used for
other purposes. I wasn't sure what if anything from there was still in
the patch, and you answered that clearly enough. Thanks for clarifying
where things are at.
--
Greg Smith 2ndQuadrant Baltimore, MD
PostgreSQL Training, Services and Support
greg@2ndQuadrant.com www.2ndQuadrant.com