Return-Path: pg_adm@postgres.berkeley.edu
Received: by postgres.Berkeley.EDU (5.61/1.29)
	id AA16904; Thu, 11 Jul 91 14:37:40 -0700
Date: Thu, 11 Jul 91 14:37:40 -0700
Message-Id: <9107112137.AA16904@postgres.Berkeley.EDU>
From: kemnitz@hermes.Berkeley.EDU (Greg Kemnitz)
Subject: Re: version 3.0
To: postgres@postgres.berkeley.edu


Not likely.  Security checks should be done in the backend (and not in the
terminal monitor, since any libpq application can issue a query) and
implementing this is nontrivial.  This does not hinder the use of Postgres as
a multi-user system; it does, however, hinder its use for sensitive data.

I suppose a determined student may be able to "cheat" and discover aspects of
other student's projects, etc due to this problem, but since such activities
would require a developer's level knowledge about Postgres internals, the
likelihood of this happening is rather remote.

	Greg Kemnitz
	kemnitz@postgres.berkeley.edu