Re: Google SoC: column-level privilege subsystem
From | August Zajonc |
---|---|
Subject | Re: Google SoC: column-level privilege subsystem |
Date | |
Msg-id | 462EED8B.4000004@augustz.com |
In response to | Re: Google SoC: column-level privilege subsystem (Tom Lane <tgl@sss.pgh.pa.us>) |
List | pgsql-hackers |
Tom Lane wrote:
> "Robert Haas" <Robert.Haas@dyntek.com> writes:
> ...
>
>>> IF this will be implemented as suggested here, it will become
>>> extremely counter-intuitive.
>>>
> ...
>
>> You could solve this by having explicit positive and negative ACLs, i.e.
>> your permissions for a particular column are:
>>
>
> Uh, wait a moment, people. The proposed project is to implement a
> capability that is fully, 100% specified by the SQL standard. There
> is zero scope for API invention here. You read the spec, you do
> what it says.
>
>

I did read the spec. My suggestion still stands. Because this is a non-standard construct in the security world (which generally does && when combining attributes) the fact that revoking permissions on a column does nothing unless table exist deserves being documented.

I couldn't find the detail on the rest in the spec (what section is that in?) but I know Oracle allows inserts to happen if the columns without privilege are null or have a default value. Am I missing something obvious in the spec that describes this explicitly?

- August
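The table-or-column combination rule debated in this thread, shown as an added example that is not part of the original message. It assumes a PostgreSQL release with column privileges (8.4 or later) and a scratch database; the role, table and column names are constructed.

```sql
-- Constructed role and table; run as a superuser in a scratch database.
CREATE ROLE clerk;
CREATE TABLE employee (
    id     int PRIMARY KEY,
    name   text,
    salary numeric DEFAULT 0
);

-- Pitfall: a table-level grant followed by a column-level revoke.
-- Access is allowed when the privilege is held on the table OR on the
-- column, so the REVOKE below removes nothing: there is no column-level
-- grant to take away, and the table-level grant still covers salary.
GRANT SELECT ON employee TO clerk;
REVOKE SELECT (salary) ON employee FROM clerk;
SELECT has_column_privilege('clerk', 'employee', 'salary', 'SELECT')
       AS salary_readable_after_column_revoke;

-- Least-privilege form: drop the table-level grant and list only the
-- columns the role may read.
REVOKE SELECT ON employee FROM clerk;
GRANT SELECT (id, name) ON employee TO clerk;
SELECT has_column_privilege('clerk', 'employee', 'salary', 'SELECT')
       AS salary_readable_after_table_revoke,
       has_column_privilege('clerk', 'employee', 'name', 'SELECT')
       AS name_readable;

-- Column-level INSERT: the role may assign only the granted columns;
-- every other column receives its default value.
GRANT INSERT (id, name) ON employee TO clerk;
SET ROLE clerk;
INSERT INTO employee (id, name) VALUES (2, 'bob');
RESET ROLE;

-- Audit: list every remaining column-level grant for the role.
SELECT column_name, privilege_type
FROM information_schema.column_privileges
WHERE grantee = 'clerk' AND table_name = 'employee'
ORDER BY column_name, privilege_type;

-- Clean up the constructed objects.
DROP TABLE employee;
DROP ROLE clerk;
```

An `INSERT` by `clerk` that names `salary` in its column list is rejected with a permission error, because the role holds no `INSERT` privilege on that column or on the table.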