In response to Misa Simic <misa.simic@xxxxxxxxx>: > > But maybe it would be better to reorganise security on the way that users > who do not need to have access to some data - simply do not have it > (instead of to give them data and latter check log to confirm they have > taken it...) In many cases that's not enough. For example with HIPAA in the US, a user may be allowed to access data, but there still _has_ to be a log record for each access. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
