Re: [v9.1] sepgsql - userspace access vector cache

From: Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: PgHacker <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [v9.1] sepgsql - userspace access vector cache
Date: 2011-06-09 16:54:37
Message-ID: BANLkTimdTpYAZW3-LTPDGtQV9tvA3AhEXQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

2011/6/9 Stephen Frost <sfrost(at)snowman(dot)net>:
> * Kohei KaiGai (kaigai(at)kaigai(dot)gr(dot)jp) wrote:
>> The only modification by this patch to the core routine is a new
>> syscache for pg_seclabel system catalog. The SECLABELOID enables to
>> reference security label of the object using syscache interface.
>
> Perhaps I'm missing it, but.. why is this necessary to implement such a
> cache?  Also, I thought the SELinux userspace libraries provided a cache
> solution?  This issue is hardly unique to SELinux in PostgreSQL...
>
I'm concerned about its interface, although it might be suitable for
X-Windows...

Its avc interface identifies security context using a pointer of
malloc()'ed cstring.
In our case, we need to look up this security context on the hash managed by
libselinux using the result of syscache lookup. It is quite nonsense.

In addition, avc of libselinux confirms whether the security policy is reloaded
for each avc lookup, unless we launch a system state monitoring thread.
But, it is not a suitable design to launch a worker thread for each
pgsql backend.

Thanks,
--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Alvaro Herrera 2011-06-09 16:55:24 Re: .gitignore for some of cygwin files
Previous Message Tom Lane 2011-06-09 16:52:55 Re: literature on write-ahead logging