Re: SELinux context of PostgreSQL connection process

If the user is given the necessary permissions, then can the connection process get a context of the user?
I mean a category and a level (sensibility) by context.
Does the architecture of PostgreSQL permit to add changing a context of a connection process to context of the connecting user?

25.03.2015, 17:38, "Мартынов Александр" <m--a-s(at)yandex(dot)ru>:
> If the user is given the necessary rights, then can the connection process get a context of the user?
> Is there the possibility in principle?
>
> 24.03.2015, 21:11, "John R Pierce" <pierce(at)hogranch(dot)com>:
>>  On 3/24/2015 5:16 AM, Мартынов Александр wrote:
>>>   There is postgres db with sepgsql enabled. When user connect to postgres db with psql, postgres create new process for each connection. These processes have selinux context unconfined_u:unconfined_r:postgresql_t.
>>>
>>>   Is there a way to assign the process a context of user that connected to db?
>>  what if that user is on a different system connecting over the network?
>>
>>  no, the only user the postgres server processes should run as are those
>>  of the postgres server itself as it needs to read and write files in the
>>  postgres data directory tree.
>>
>>  --
>>  john, recycling bits in santa cruz
>>
>>  --
>>  Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
>>  To make changes to your subscription:
>>  http://www.postgresql.org/mailpref/pgsql-general
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general