Re: Adding support for SE-Linux security

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Josh Berkus <josh(at)agliodbs(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Adding support for SE-Linux security
Date: 2009-12-07 22:57:11
Message-ID: 603c8f070912071457u4af3e625ge85350055350c25f@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, Dec 7, 2009 at 1:00 PM, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> As Alvaro mentioned, the original patch used ACE but it added too much
> code so the community requested its removal from the patch.  It could be
> re-added if we have a need.

Well, there's no point in putting that framework back in unless we can
make it sufficiently general that it could be used to serve the needs
of more than one security model. And so far, the signs have not been
promising. David Quigley suggests downthread that making a truly
general model isn't really possible, and he may be right, or not. I
was just mentioning that it's an angle I have been thinking about
investigating, but it may be a dead end.

The real issue is making the code committable, and then maintaining
it, as Tom rightly says, forever. We've got to make sure that we're
willing to take that on before we do it, and I don't think it's a
small task. It isn't so much whether we want the feature as whether
the level of effort is proportionate to the benefit.

...Robert

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Robert Haas 2009-12-07 23:02:36 Re: bug: json format and auto_explain
Previous Message Stephen Cook 2009-12-07 22:36:43 Re: Exclusion Constraint vs. Constraint Exclusion