Re: security label support, part.2

Peter Eisentraut <peter_e@gmx.net>

From: Peter Eisentraut <peter_e@gmx.net>
To: Stephen Frost <sfrost@snowman.net>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, Kevin Grittner <Kevin.Grittner@wicourts.gov>, KaiGai Kohei <kaigai@kaigai.gr.jp>, pgsql-hackers@postgresql.org
Date: 2010-08-22T16:56:58Z
Lists: pgsql-hackers
On tis, 2010-08-17 at 20:04 -0400, Stephen Frost wrote:
> What I'm thinking of is something like a warning if the permissions on
> the child don't match those of the parent when the relationship is
> created, or maybe forcibly setting the permissions on the child (with
> a
> NOTICE), so it's at least clear what is going on.  Or perhaps, set the
> permissions on the child only if it doesn't have permissions (with the
> NOTICE), and issue a WARNING if the child already has permissions set.
> Perhaps also a WARNING if someone changes the permissions on a child
> after the relationship has been created too, but let it happen in case
> someone really wants it..

I think there are perfectly good reasons to have different permissions
on parent and child tables.  I don't see any reason to monkey around
with that.