Re: SE-PgSQL developer documentation (Re: Reworks for Access Control facilities (r2363))

KaiGai Kohei wrote:
> Robert Haas wrote:
>> 2009/10/27 KaiGai Kohei <kaigai@ak.jp.nec.com>:
>>> - no statement support to specify security context.
>>>  (It makes impossible to add support in pg_dump. Is it really OK?)
>> I doubt that anything without pg_dump support would be even vaguely OK...
> 
> In my previous experience, it enabled to reduce 300-400 lines of the patch.
> But here is no more sense than the 300-400 lines.
> 
> In my honest, I like to include a feature to specify an explicit security
> context in the patch from the begining.
> (It also allows to attach test cases with more variations.)

Can you explain why that's required for pg_dump support? I was thinking
that there would be no explicit security labels on objects, and
permissions would be checked based on other inherent properties of the
object, like owner, name, schema etc.

--  Heikki Linnakangas EnterpriseDB   http://www.enterprisedb.com