mirror of
https://github.com/postgres/postgres.git
synced 2026-04-21 22:28:15 -04:00
8b9e9644dc
AclObjectKind was basically just another enumeration for object types, and we already have a preferred one for that. It's only used in aclcheck_error. By using ObjectType instead, we can also give some more precise error messages, for example "index" instead of "relation". Reviewed-by: Michael Paquier <michael.paquier@gmail.com> |
||
|---|---|---|
| .. | ||
| expected | ||
| sql | ||
| .gitignore | ||
| dummy_seclabel--1.0.sql | ||
| dummy_seclabel.c | ||
| dummy_seclabel.control | ||
| Makefile | ||
| README | ||
The dummy_seclabel module exists only to support regression testing of the SECURITY LABEL statement. It is not intended to be used in production. Rationale ========= The SECURITY LABEL statement allows the user to assign security labels to database objects; however, security labels can only be assigned when specifically allowed by a loadable module, so this module is provided to allow proper regression testing. Security label providers intended to be used in production will typically be dependent on a platform-specific feature such as SE-Linux. This module is platform-independent, and therefore better-suited to regression testing. Usage ===== Here's a simple example of usage: # postgresql.conf shared_preload_libraries = 'dummy_seclabel' postgres=# CREATE TABLE t (a int, b text); CREATE TABLE postgres=# SECURITY LABEL ON TABLE t IS 'classified'; SECURITY LABEL The dummy_seclabel module provides only four hardcoded labels: unclassified, classified, secret, and top secret. It does not allow any other strings as security labels. These labels are not used to enforce access controls. They are only used to check whether the SECURITY LABEL statement works as expected, or not. Author ====== KaiGai Kohei <kaigai@ak.jp.nec.com>