Re: AW: Proposal for enhancements of privilege system

Karel Zak <zakkr@zf.jcu.cz>

From: Karel Zak <zakkr@zf.jcu.cz>
To: Zeugswetter Andreas SB <ZeugswetterA@wien.spardat.at>
Cc: "'Peter Eisentraut'" <peter_e@gmx.net>, "'PostgreSQL Development'" <pgsql-hackers@postgresql.org>
Date: 2000-05-30T11:46:09Z
Lists: pgsql-hackers
On Tue, 30 May 2000, Zeugswetter Andreas SB wrote:

> > 
> > > Other db's usually use a char array for priaction and don't have
> > > priisgrantable, but code it into priaction. Or they use a bitfield.
> > > This has the advantage of only producing one row per table.
> > 
> > That's the price I'm willing to pay for abstraction, 
> > extensibility, and
> > verifyability. But I'm open for better ideas.
> 
> Imho this is an area that is extremly sensitive to performance,
> the rights have to be checked for each access.

 Yes, but I believe that Peter's idea is good. System tables are used for
each access not only for ACL, and performance problem is a problem for
system cache not primary for privilege system.

 I look forward set privilege for columns and functions. Large multiuser
projects need it.

							Karel