Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
From | Bruce Momjian |
---|---|
Subject | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) |
Date | |
Msg-id | 200812101245.mBACjTa04003@momjian.us |
In response to | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Peter Eisentraut <peter_e@gmx.net>) |
Responses | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) |
List | pgsql-hackers |
Peter Eisentraut wrote:
> KaiGai Kohei wrote:
> > I don't agree. What is the reason why? It has been unclear for me.
> >
> > The PGACE security framework is designed to allow users to choose
> > an enhanced security mechanism from some of provided options.
> > (Currently, we have sepgsql and rowacl.)
> > It is quite natural that one is disabled when the other is enabled.
>
> As a general rule, mutually exclusive features as compile-time option
> should be avoided at all costs. Since most people use binary packages,
> forcing the packager to make such a choice will always make a lot of
> people unhappy, or alternatively cause one of the features to bitrot.
>
> As a secondary rule, mutually exclusive features should be avoided at
> all, without a compelling reason. I don't see such a reason here.

I think there is a reason to have SE-Linux be compile-time because there
is no way to know at run time if the OS has the SE-Linux libraries,
right? I assume this is similar to how we do LDAP.

But your larger point is that SQL-row-level security should always be
available, which I just posted about.

--
  Bruce Momjian <bruce@momjian.us> http://momjian.us
  EnterpriseDB http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +