Skip site navigation (1) Skip section navigation (2)

Re: Updates of SE-PostgreSQL 8.4devel patches (r1076)

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1076)
Date: 2008-10-02 01:23:53
Message-ID: 48E422A9.2070103@ak.jp.nec.com (view raw or flat)
Thread:
Lists: pgsql-hackers
Now we have just a month due to the final deadline.

I think we could sort out and make clear its conceptual issues
during CommitFest:Sep. So, I think it is good time that we can
move to the disucussion about its implementation.

Anyway, I want any suggestions what should I pay my efforts to
during the remaining month.

Thanks,

KaiGai Kohei wrote:
> I updated the following SE-PostgreSQL patches:
> 
> [1/5] http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1076.patch
> [2/5] http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r1076.patch
> [3/5] http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1076.patch
> [4/5] http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1076.patch
> [5/5] http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1076.patch
> 
> - Patches are rebased to the latest CVS HEAD.
> - Improvement of performance penalty for access checks.
>   Reworks in access vector chache enables to reduce performance loss, as 
> follows:
>     
> http://kaigai.sakura.ne.jp/sblo_files/kaigai/image/080930_sepgsql_performance.png 
> 
>   It shows about 8% loss in maximum, and larger scale database give us
>   smaller losses in trend.
> - Add a hook to check permission on "COPY TO/FROM <file>".
>   In the previous version, SE-PostgreSQL does not check permissions
>   to the file used in COPY statement. It is fixed.
> - Documentation updates
>   - Descriptions for build & install are reworked, because most of
>     security policy for SE-PostgreSQL now got merged into the upstream
>     selinux-policy package.
>   - Add a "Limitation" section to describe about covert channel and
>     reference integrity.
> 
> Thanks,

-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

Responses

pgsql-hackers by date

Next:From: Andrew DunstanDate: 2008-10-02 01:25:09
Subject: Re: Fwd: Has anyone built pgbash-7.3 against postgreSQL-8.3?
Previous:From: Gurjeet SinghDate: 2008-10-02 01:22:56
Subject: Re: Fwd: Has anyone built pgbash-7.3 against postgreSQL-8.3?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group