Skip site navigation (1) Skip section navigation (2)

Re: SE-PgSQL patch review

From: Greg Williamson <gwilliamson39(at)yahoo(dot)com>
To: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, David Fetter <david(at)fetter(dot)org>, Bruce Momjian <bruce(at)momjian(dot)us>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: SE-PgSQL patch review
Date: 2009-12-02 02:46:23
Message-ID: (view raw or whole thread)
Lists: pgsql-hackers
KaiGai Kohei wrote:

Joshua D. Drake wrote:
> On Tue, 2009-12-01 at 14:46 -0500, Tom Lane wrote:
>> "Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
>>> On Mon, 2009-11-30 at 20:28 -0800, David Fetter wrote:
>>>> This is totally separate from the really important question of whether
>>>> SE-Linux has a future, and another about whether, if SE-Linux has a
>>>> future, PostgreSQL needs to go there.
>>> Why would we think that it doesn't?
>> Have you noticed anyone except Red Hat taking it seriously?
> I just did a little research and it appears the other two big names in
> this world (Novel and Ubuntu) are using something called App Armor.

As far as I can see, SUSE, Ubuntu and Debian provide SELinux option.
But they are more conservative than RedHat/Fedora, because it is not
enabled in the default installation.

I don't think it is unpreferable decision. Users can choose the option
by themself according to requirements in the system.


How much of the work currently at hand might be applicable to other security models ? Would this be useful groundwork for anyone who wanted to implement other frameworks in terms of hooks, cleanup of existing code, etc. ?

Greg W.

In response to


pgsql-hackers by date

Next:From: Bruce MomjianDate: 2009-12-02 03:15:55
Subject: Re: SE-PgSQL patch review
Previous:From: Caleb WeltonDate: 2009-12-02 02:36:05
Subject: [PATCH] bugfix for int2vectorin

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group