Skip site navigation (1) Skip section navigation (2)

Re: SE-PgSQL patch review

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Greg Williamson <gwilliamson39(at)yahoo(dot)com>
Cc: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: SE-PgSQL patch review
Date: 2009-12-02 03:15:55
Message-ID: 200912020315.nB23FtB22523@momjian.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Greg Williamson wrote:
> As far as I can see, SUSE, Ubuntu and Debian provide SELinux
> option.  But they are more conservative than RedHat/Fedora,
> because it is not enabled in the default installation.
> 
> I don't think it is unpreferable decision. Users can choose the
> option by themself according to requirements in the system.
> 
> ===
> 
> How much of the work currently at hand might be applicable to
> other security models ? Would this be useful groundwork for
> anyone who wanted to implement other frameworks in terms of
> hooks, cleanup of existing code, etc. ?

Yes, it would offer clear groundwork for that, and could be easily
extended.  We didn't implement such a system at this stage because it
would have added additional code, but once there is demand the system
could be easily extended.

--
  Bruce Momjian  <bruce(at)momjian(dot)us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

In response to

pgsql-hackers by date

Next:From: Robert HaasDate: 2009-12-02 03:21:41
Subject: Re: Page-level version upgrade (was: Block-level CRC checks)
Previous:From: Greg WilliamsonDate: 2009-12-02 02:46:23
Subject: Re: SE-PgSQL patch review

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group