Skip site navigation (1) Skip section navigation (2)

Re: Updates of SE-PostgreSQL 8.4devel patches (r1155)

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: Simon Riggs <simon(at)2ndQuadrant(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1155)
Date: 2008-10-30 02:51:54
Message-ID: (view raw or whole thread)
Lists: pgsql-hackers
Simon Riggs wrote:
> On Wed, 2008-10-29 at 17:42 +0900, KaiGai Kohei wrote:
>> I've updated my patches, these are ready for CommitFest:Nov.
>> [1/6]
>> [2/6]
>> [3/6]
>> [4/6]
>> [5/6]
>> [6/6]
>> The comprehensive documentation for SE-PostgreSQL is here:
>> (it is now under reworking.)
>> List of updates:
>> - Patches are rebased to the latest CVS HEAD.
>> - bugfix: TRUNCATE checks assumed SECCLASS_DB_TUPLE object class
>> - bugfix: sepgsqlCopyFile assumed SECCLASS_FILE object class, but it has to be
>>            adjusted by st_mode.
>> Request for Comments:
>> - The 4th patch is actually needed? It can be replaced by wiki page.
>> - Do you think anything remained towards the final CommitFest?
>> - Do you have any reviewing comment? Most of patches are unchanged from
>>    the previous vesion. If you can comment anything, I can fix them without
>>    waiting for the final commit fest.
> I'm copying some general comments from my contact here, verbatim. Other
> comments have been requested and may be forthcoming:
> By way of background "Common Criteria" (ISO Standard 15408) are in
> effect pre-defined security requirements that have been agreed between
> multiple friendly governments so that they can share the results from
> independent lab work in each country and avoid the costs and duplication
> of effort.   The published lab work results in two outputs: 
> - a "Target of Evaluation" (TOE) i.e. tight definition of the software
> version, configuration and environment (hardware, external controls)
> which was the subject of the evaluation 
> - an "Evaluation Report" which, in the "happy case" has assigns an
> "Evaluation Assurance Level" (EAL) number to the product (which needless
> to say is only valid if the product is used in its TOE 
> If you're interested in reading more about formal Government security
> evaluation schemes, these are some good sites: 

Thanks for your information.
However, I've also followed the Common Criteria for a few years, and
some of facilities came from its requirements. The "security_context"
system column reflects the requirement of labeled import/export, for
example. Don't worry.

Let's move our discussion into its implementation in the upcoming
CommitFest. It's a good time now.

OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

pgsql-hackers by date

Next:From: Tom LaneDate: 2008-10-30 03:12:50
Subject: Re: Please make sure your patches are on the wiki page
Previous:From: Tom LaneDate: 2008-10-30 02:44:54
Subject: Re: minimal update

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group