Re: How to get SE-PostgreSQL acceptable

Tom Lane wrote:
> Gregory Stark <stark@enterprisedb.com> writes:
> > I don't think partitioning is really the same thing as row-level
> > security.
> 
> Of course not, but it seems to me that it can be used to accomplish most
> of the same practical use-cases.  The main gripe about doing it via
> partitioning is that the user's nose gets rubbed in the fact that there
> can't be an enormous number of different security classifications in the
> same table (since he has to explicitly make a partition for each one).
> But the proposed implementation of row-level security would poop out
> pretty darn quick for such a case, too, and frankly I'm not seeing an
> application that would demand it.

OK, putting on my crazy idea hat, if we split the primary and foreign
keys by partition, it would give us polyinstantiation:
http://en.wikipedia.org/wiki/Polyinstantiation

because our unique indexes do not apply across partitions. 
Polyinstantiation is a desirable security feature and one that would be
tough to implement without partitions.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +