Re: rest of works for security providers in v9.1
| От | Robert Haas |
|---|---|
| Тема | Re: rest of works for security providers in v9.1 |
| Дата | |
| Msg-id | AANLkTi=ZUL5r6iFNCnFT+xsddT6fJSeiMdxVGRX+KkNe@mail.gmail.com обсуждение исходный текст |
| Ответ на | rest of works for security providers in v9.1 (KaiGai Kohei <kaigai@ak.jp.nec.com>) |
| Ответы |
Re: rest of works for security providers in v9.1
|
| Список | pgsql-hackers |
2010/12/12 KaiGai Kohei <kaigai@ak.jp.nec.com>: > I'd like to see opinions what facilities should be developed > to the current v9.1 development cycle. It seems to me that the next commit after the label-switcher-function patch ought to be a contrib module that implements a basic form of SE-Linux driven permissions checking. I'm pretty unexcited about continuing to add additional facilities that could be used by a hypothetical module without actually seeing that module, and I think that the label-switcher-function patch is the last piece of core infrastructure that is a hard requirement rather than "nice to have".I'd rather have a complete feature with limited capabilitiesthan half a feature with really awesome capabilities. I suspect that getting fine-grained DDL permissions into PostgreSQL 9.1 is not going to happen. There is a significant amount of complexity there and we are getting short on time. It took us three CommitFests to work through the plan we discussed at PGCon, and this isn't so much simpler that I expect to be able to do it in one. Of course, how you want to spend your time is up to you, but count me as a strong vote for postponing this work to 9.2, when there will be ample time to give it the care and attention it needs. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: