On mån, 2009-12-07 at 17:33 +0100, Martijn van Oosterhout wrote: > On Mon, Dec 07, 2009 at 01:09:59PM -0300, Alvaro Herrera wrote: > > > Given the extreme patience and diligence exhibited by KaiGai, I > > > hesitate to say this, but it seems to me that this would be > > > critically important for the long term success of this feature. I > > > have no idea how much work it would be to make the interface to the > > > external security system pluggable, but if it's at all feasible, I > > > think it should be done. > > > > This is how the code was developed initially -- the patch was called > > PGACE and SELinux was but the first implementation on top of it. > > I find it astonishing that after SE-PgSQL was implemented on top of a > pluggable system (PGACE) and this system was removed at request of the > "community" [1] that at this late phase people are suggesting it needs > to be added back again. Havn't the goalposts been moved enough times?
PGACE wasn't a plugin system. It was an API inside the core code. If it had been a plugin system, this would have been much easier, because the plugin itself could have been developed independently. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
