Re: security label support, part.2

(2010/08/17 11:58), Tom Lane wrote:
> Stephen Frost<sfrost@snowman.net>  writes:
>> * KaiGai Kohei (kaigai@ak.jp.nec.com) wrote:
>>> Indeed, PG does not try to handle child table as an independent object
>>> from a parent table. However, if so, it seems to me strange that we can
>>> assign individual ownership and access privileges on child tables.
> 
>> I tend to agree.  Perhaps we should bring up, in an independent thread,
>> the question of if that really makes sense or if we should do something
>> to prevent it (or at least issue a warning when we detect it).
> 
> The reason there is still some value in setting permissions state on a
> child table is that that controls what happens when you address the
> child table directly, rather than implicitly by querying its parent.
> 
However, isn't it strange if we stand on the perspective that child table
is a part of parent object? It means an object have multiple properties
depending on the context.
If we want to allow someone to reference a part of the table (= child table),
I think VIEW is more appropriate and flexible tool.

Thanks,
-- 
KaiGai Kohei <kaigai@ak.jp.nec.com>