Re: rest of works for security providers in v9.1

2010/12/13 KaiGai Kohei <kaigai@ak.jp.nec.com>:
> (2010/12/14 12:10), Robert Haas wrote:
>> 2010/12/13 KaiGai Kohei<kaigai@ak.jp.nec.com>:
>>> The starter version is not intended to use in production system,
>>
>> Well, what's the point, then?  I thought we had enough infrastructure
>> in place at this point to build a simple system that, while it
>> wouldn't meet every use case, would be useful to some people for
>> limited purposes.  If that's not the case, I'm disappointed.
>>
> The point is performance is not first priority right now.
> I guess its performance does not become a major issue, because lack
> of some features (such as DDL, row-level) are more glaring than its
> performance.
> It is an independent topic whether it is useful for limited purpose,
> or not. For example, when existing permission checks disallow all
> the DDL commands from web-applications anyway, it will achieve an
> expected role.

But you could also install a control into ProcessUtility_hook, right?
Saying, for example, you must have we_trust_you_a_lot_t to do any DDL?

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company