Re: Adding support for SE-Linux security

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, Magnus Hagander <magnus(at)hagander(dot)net>, Stephen Frost <sfrost(at)snowman(dot)net>, Chad Sellers <csellers(at)tresys(dot)com>, "David P(dot) Quigley" <dpquigl(at)tycho(dot)nsa(dot)gov>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd <jd(at)commandprompt(dot)com>, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Adding support for SE-Linux security
Date: 2009-12-11 05:17:25
Message-ID: 603c8f070912102117n63ed0b17p609f24e0c5d07e0f@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Thu, Dec 10, 2009 at 11:45 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> If you're not prepared to assume that we're going to do row level
> security, it's not apparent why we should be embarking on this course
> at all.  And if you do assume that, I strongly believe that my effort
> estimate above is on the optimistic side.

Row-level security is going to be a very difficult project, no
question about it. However, if we implement a general facility rather
than something SE-Linux specific, I think we will have a killer
feature. I realize it's not for everyone, but for those who need it,
it's kick-ass.

But we have a while before we get to the point where we can even start
worrying about that pain. Stephen Frost's statements about the way
our access controls are scattered throughout our code are, I think, on
target. And cleaning that up seems to me to have value independently
of SE-PostgreSQL. I'm feeling (right now, anyway) like it would make
sense to pursue further the patch that KaiGai submitted for the last
CF and you rejected. It needed work, but I don't think it was
hopeless, or valueless.

...Robert

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Takahiro Itagaki 2009-12-11 05:17:31 Re: Largeobject Access Controls (r2460)
Previous Message Jaime Casanova 2009-12-11 05:11:11 Re: thread safety on clients