Skip site navigation (1) Skip section navigation (2)

Updates of SE-PostgreSQL 8.4devel patches (r1076)

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>
Subject: Updates of SE-PostgreSQL 8.4devel patches (r1076)
Date: 2008-10-01 06:48:24
Message-ID: 48E31D38.5060000@ak.jp.nec.com (view raw or flat)
Thread:
Lists: pgsql-hackers
I updated the following SE-PostgreSQL patches:

[1/5] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1076.patch
[2/5] http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r1076.patch
[3/5] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1076.patch
[4/5] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1076.patch
[5/5] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1076.patch

- Patches are rebased to the latest CVS HEAD.
- Improvement of performance penalty for access checks.
   Reworks in access vector chache enables to reduce performance loss, as follows:
     http://kaigai.sakura.ne.jp/sblo_files/kaigai/image/080930_sepgsql_performance.png
   It shows about 8% loss in maximum, and larger scale database give us
   smaller losses in trend.
- Add a hook to check permission on "COPY TO/FROM <file>".
   In the previous version, SE-PostgreSQL does not check permissions
   to the file used in COPY statement. It is fixed.
- Documentation updates
   - Descriptions for build & install are reworked, because most of
     security policy for SE-PostgreSQL now got merged into the upstream
     selinux-policy package.
   - Add a "Limitation" section to describe about covert channel and
     reference integrity.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

Responses

pgsql-hackers by date

Next:From: Paul SchlieDate: 2008-10-01 06:57:47
Subject: Re: Block-level CRC checks
Previous:From: Gurjeet SinghDate: 2008-10-01 05:12:28
Subject: Re: Bad error message

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group