Re: Google SoC: column-level privilege subsystem
| From | August Zajonc |
|---|---|
| Subject | Re: Google SoC: column-level privilege subsystem |
| Date | |
| Msg-id | 462E3181.8050705@augustz.com |
| In reply to | Google SoC: column-level privilege subsystem ("Golden Liu" <goldenliu@gmail.com>) |
| Responses | Re: Google SoC: column-level privilege subsystem |
| List | pgsql-hackers |

Golden Liu wrote:
> 3. Before evaluating a SQL command, check column-level privilege.
> This is done AFTER checking table-level privilege. As I mentioned
> before, if table-level privilege is granted, it's not necessary to
> check column-level privilege.

Golden, this sounds good. I'm just a user.

It sounds like table || column is the check, so table implies all of the columns. i.e., revoking a column permission does nothing unless TABLE permission is also revoked.

It also might be nice to specify some of the failure / usage modes. i.e., how does "SELECT * FROM Students" work if I don't have permission to a column? Return all values except for forbidden ones? How does "SELECT ForbiddenColumn FROM Students" work?

For INSERTS, they probably need to fail if you don't have permission to non-null columns. What about columns with default values? Are inserts permitted if you don't have permission to a column with default values?

Do you have a project page up somewhere? I wouldn't mind helping with some of the documentation, for example.

Good luck!

- August
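
The cases raised in this message, written against the column-privilege syntax of PostgreSQL releases that include the feature (8.4 and later). This is an added example, not part of the original message or of the proposal; the table `students`, its columns and the role `clerk` are constructed for illustration, and the script assumes it is run by a superuser.

```sql
-- Constructed schema and role, for illustration only.
CREATE ROLE clerk;
CREATE TABLE students (
    name   text NOT NULL,
    grade  text,
    ssn    text NOT NULL,                  -- NOT NULL, no default
    status text NOT NULL DEFAULT 'active'  -- NOT NULL, has a default
);

-- Case 1: table-level grant, then a column-level revoke.
GRANT SELECT ON students TO clerk;
REVOKE SELECT (ssn) ON students FROM clerk;
SET ROLE clerk;
SELECT ssn FROM students;   -- allowed: the table-level grant still covers every column
RESET ROLE;

-- Case 2: column-level grants only.
REVOKE SELECT ON students FROM clerk;
GRANT SELECT (name, grade) ON students TO clerk;
SET ROLE clerk;
SELECT name, grade FROM students;  -- allowed
SELECT ssn FROM students;          -- rejected: no privilege on ssn
SELECT * FROM students;            -- rejected as a whole; forbidden columns are not silently dropped
RESET ROLE;

-- Case 3: INSERT without privilege on a NOT NULL column that has no default.
GRANT INSERT (name, grade) ON students TO clerk;
SET ROLE clerk;
INSERT INTO students (name, grade) VALUES ('Ada', 'A');
-- rejected: ssn cannot be named by clerk and would be NULL
RESET ROLE;

-- Case 4: INSERT without privilege on a column that has a default.
GRANT INSERT (ssn) ON students TO clerk;
SET ROLE clerk;
INSERT INTO students (name, grade, ssn) VALUES ('Ada', 'A', '000-00-0000');
-- allowed: status is filled from its default although clerk holds no privilege on it
INSERT INTO students (name, ssn, status) VALUES ('Bob', '000-00-0001', 'expelled');
-- rejected: naming status in the column list requires INSERT privilege on it
RESET ROLE;
```

To restrict a single column, revoke the table-level privilege first and then grant the remaining columns individually, as in case 2.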