KaiGai Kohei wrote:
Joshua D. Drake wrote:
> On Tue, 2009-12-01 at 14:46 -0500, Tom Lane wrote:
>> "Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
>>> On Mon, 2009-11-30 at 20:28 -0800, David Fetter wrote:
>>>> This is totally separate from the really important question of whether
>>>> SE-Linux has a future, and another about whether, if SE-Linux has a
>>>> future, PostgreSQL needs to go there.
>>> Why would we think that it doesn't?
>> Have you noticed anyone except Red Hat taking it seriously?
> I just did a little research and it appears the other two big names in
> this world (Novel and Ubuntu) are using something called App Armor.
As far as I can see, SUSE, Ubuntu and Debian provide SELinux option.
But they are more conservative than RedHat/Fedora, because it is not
enabled in the default installation.
I don't think it is unpreferable decision. Users can choose the option
by themself according to requirements in the system.
How much of the work currently at hand might be applicable to other security models ? Would this be useful groundwork for anyone who wanted to implement other frameworks in terms of hooks, cleanup of existing code, etc. ?
In response to
pgsql-hackers by date
|Next:||From: Bruce Momjian||Date: 2009-12-02 03:15:55|
|Subject: Re: SE-PgSQL patch review|
|Previous:||From: Caleb Welton||Date: 2009-12-02 02:36:05|
|Subject: [PATCH] bugfix for int2vectorin|