From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Magnus Hagander <magnus(at)hagander(dot)net>, Stephen Frost <sfrost(at)snowman(dot)net>, Chad Sellers <csellers(at)tresys(dot)com>, "David P(dot) Quigley" <dpquigl(at)tycho(dot)nsa(dot)gov>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd <jd(at)commandprompt(dot)com>, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Adding support for SE-Linux security |
Date: | 2009-12-11 05:17:25 |
Message-ID: | 603c8f070912102117n63ed0b17p609f24e0c5d07e0f@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Dec 10, 2009 at 11:45 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> If you're not prepared to assume that we're going to do row level
> security, it's not apparent why we should be embarking on this course
> at all. And if you do assume that, I strongly believe that my effort
> estimate above is on the optimistic side.
Row-level security is going to be a very difficult project, no
question about it. However, if we implement a general facility rather
than something SE-Linux specific, I think we will have a killer
feature. I realize it's not for everyone, but for those who need it,
it's kick-ass.
But we have a while before we get to the point where we can even start
worrying about that pain. Stephen Frost's statements about the way
our access controls are scattered throughout our code are, I think, on
target. And cleaning that up seems to me to have value independently
of SE-PostgreSQL. I'm feeling (right now, anyway) like it would make
sense to pursue further the patch that KaiGai submitted for the last
CF and you rejected. It needed work, but I don't think it was
hopeless, or valueless.
...Robert
From | Date | Subject | |
---|---|---|---|
Next Message | Takahiro Itagaki | 2009-12-11 05:17:31 | Re: Largeobject Access Controls (r2460) |
Previous Message | Jaime Casanova | 2009-12-11 05:11:11 | Re: thread safety on clients |