Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
Date: 2008-12-10 12:45:29
Message-ID: 200812101245.mBACjTa04003@momjian.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Peter Eisentraut wrote:
> KaiGai Kohei wrote:
> > I don't agree. What is the reason why? It has been unclear for me.
> >
> > The PGACE security framework is designed to allow users to choose
> > an enhanced security mechanism from some of provided options.
> > (Currently, we have sepgsql and rowacl.)
> > It is quite natural that one is disabled when the other is enabled.
>
> As a general rule, mutually exclusive features as compile-time option
> should be avoided at all costs. Since most people use binary packages,
> forcing the packager to make such a choice will always make a lot of
> people unhappy, or alternatively cause one of the features to bitrot.
>
> As a secondary rule, mutually exclusive features should be avoided at
> all, without a compelling reason. I don't see such a reason here.

I think there is a reason to have SE-Linux be compile-time because there
is no way to know at run time if the OS has the SE-Linux libraries,
right? I assume this is similar to how we do LDAP.

But your larger point is that SQL-row-level security should always be
available, which I just posted about.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message KaiGai Kohei 2008-12-10 12:55:06 Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
Previous Message Robert Haas 2008-12-10 12:44:56 Re: ALTER composite type does not work, but ALTER TABLE which ROWTYPE is used as a type - works fine