Re: 8.4 release planning
Jaime Casanova <jcasanov@systemguards.com.ec>
From: Jaime Casanova <jcasanov@systemguards.com.ec>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Joshua Brindle <method@manicmethod.com>, Josh Berkus <josh@agliodbs.com>, Stephen Frost <sfrost@snowman.net>, Gregory Stark <stark@enterprisedb.com>, Robert Haas <robertmhaas@gmail.com>, Simon Riggs <simon@2ndquadrant.com>, Ron Mayer <rm_pg@cheapcomplexdevices.com>, "Joshua D. Drake" <jd@commandprompt.com>, Merlin Moncure <mmoncure@gmail.com>, "Jonah H. Harris" <jonah.harris@gmail.com>, Bruce Momjian <bruce@momjian.us>, Bernd Helmle <mailings@oopsware.de>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org
Date: 2009-01-28T03:48:19Z
Lists: pgsql-hackers
On Tue, Jan 27, 2009 at 2:18 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > > This seems to me to be exactly parallel to deciding that SELinux should > control only table/column permissions within SQL; an approach that would > be enormously less controversial, less expensive, and more reliable than > what SEPostgres tries to do. > seems that the controversial part of sepgsql is row level permissions, can we try to commit (obviously with good revision and test) the table/column privileges part of that patch? that is still a step on the direction of full centralized security management on the system... let the row level privileges part for 8.5, that way the patch will be smaller now and then... remember, postponed is not rejected is just a way to give more time to think (WITH patch comes from the prior release cycle and was committed in this release), not to think about one scenario but about all possible scenarios in a more wide audience -- Atentamente, Jaime Casanova Soporte y capacitación de PostgreSQL Asesoría y desarrollo de sistemas Guayaquil - Ecuador Cel. +59387171157