On 09/18/2015 01:07 AM, Noah Misch wrote:
> Great. Robert, does that work for you, too? If so, this sub-thread is
> looking at three patches:
>
> 1. remove row_security=force
> 2. remove SECURITY_ROW_LEVEL_DISABLED; make ri_triggers.c subject to policies
> 3. add DDL-controlled, per-table policy forcing
>
> They ought to land in that order. PostgreSQL 9.5 would need at least (1) and
> (2); would RLS experts find it beneficial for me to take care of those?
That would be awesome, but I would say that if we do #1 & 2 for 9.5, we
also need #3.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development