| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, Joshua Brindle <method(at)manicmethod(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: How to get SE-PostgreSQL acceptable |
| Date: | 2009-01-30 23:13:04 |
| Message-ID: | 20090130231304.GF8123@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Andrew Dunstan (andrew(at)dunslane(dot)net) wrote:
> Josh Berkus wrote:
>> So, for 8.4: *if* we included in 8.4 a version of SEPostgres with all
>> features *except* row-level security, would it still be useful to the
>> SELinux community?
>>
>> I think we're just not going to work out the headache-inducing issues
>> around row-level security in time for 8.4, and it seems to me that
>> integrated system-level security labels at the table-and-column level
>> are still very useful, even without row-level security.
I tend to agree that they will be very useful. I'm not sure there will
be much adoption without row-level in the security community though, to
be honest. I'd like to see it as part of an overall plan to eventually
do row-level support. Given the size of this overall work and feature
set, I think it's appropriate to do it in a staged manner regardless.
> Hasn't a plan for this already been posted? See
> http://archives.postgresql.org/pgsql-hackers/2009-01/msg02407.php
Sure, that's a plan, but Josh's question is certainly appropriate.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hiroshi Inoue | 2009-01-31 00:00:20 | Re: mingw check hung |
| Previous Message | Andrew Dunstan | 2009-01-30 23:06:12 | Re: How to get SE-PostgreSQL acceptable |