Re: Adding support for SE-Linux security

KaiGai Kohei wrote:.
> Needless to say, NEC is also a supporter to develop and maintain
> SE-PgSQL feature. We believe it is a necessity feature to construct
> secure platform for SaaS/Cloud computing, so my corporation has funded
> to develop SE-PgSQL for more than two years.
>
> As I noted before, if you worried about I escape anyware, it is quite
> incorrect. Now I've been working to develop and integrate SE-PgSQL in
> full-time.
>
> We can also say SELinux community provides a development resource to
> other OSS communities. For example, the recent version of Xorg has
> SELinux support in userspace, such as SE-PgSQL, by the developer who
> originally worked in SELinux community. SE-PgSQL is a similar case.
> Anyway, I don't think we should build barrier between communities.
>
>
>

I think you have been remarkably good about our caution in accepting
this. You certainly have my admiration for your patience.

What would probably help us a lot would be to know some names of large
users who want and will support this. NEC's name is a good start, but if
a few other enterprise users spoke up it would help to make the decision
a lot easier.

My own experience with SE-Linux has been fairly unfortunate - I have
tripped over it too many times and years ago adopted a practice of
turning it off whenever I could. I suspect many people have similar war
stories, and there will thus probably be quite some resistance to a
feature I accept could well be of significant use to some classes of users.

cheers

andrew