Bruce Momjian wrote:
Bruce Momjian wrote:
However, the toggle of row-level security feature should be controled
via a GUC option, not a discretionary option.
I'll add a "sepostgresql_row_level" option defined as bool to control
it on start up time.
This sounds similar to BSD capability were certain security settings can
only be changed in single-user mode.
Actually, an interesting idea would be to allow "sepostgresql_row_level"
to be turned on, but not off. That means if it was turned on in
postgresql.conf, it could not be turned off, but if it is off in
postgresql.conf, it could be turned on via SET or via ALTER
USER/DATABASE; I think that would be a nice capability.
I think the "sepostgresql_mode" and "sepostgresql_row_level" should not
be toggled frequently.
Please consider SELinux/SE-PostgreSQL requires various kind of objects
(including database objects) to be labeled properly at the initial state.
If it allows clients to turn on row-level security feature, it means many
"unlabeled" tuples appear suddenly. In generally, these have to be labeled
before the system get being available.
On a related note, KaiGai, you are now starting the long road of getting
feedback with the ultimate goal of getting your patch into CVS. I will
warn you that there is often much work during this stage, and it might
stretch into January as we request adjustments, but ultimately your
feature and Postgres will be better for it. Thanks for sticking with
it.
Don't worry, I'm be available for the works, and give a lot for inclusion
of the feature at v8.4.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
