From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
---|---|
To: | Bruce Momjian <bruce(at)momjian(dot)us> |
Cc: | pgsql-hackers(at)postgresql(dot)org, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
Subject: | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) |
Date: | 2008-12-08 01:37:09 |
Message-ID: | 493C7A45.8000202@ak.jp.nec.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Bruce Momjian wrote:
> KaiGai Kohei wrote:
>> Bruce Momjian wrote:
>>> KaiGai Kohei wrote:
>>>>>> I don't oppose to elimination of "--disable-row-acl" options, however,
>>>>>> it is not clear for me whether it should be unavoidable selection in
>>>>>> the future, or not.
>>>>> Look at the existing configure options; we don't remove features via
>>>>> configure unless it is for some platform-specific reason. Please remove
>>>>> the configure option and make it always enabled.
>>>> OK, I'll update it in the next patch set.
>>> Good. I assume the SQL-row security patch is not testable alone with
>>> out the rest of the patches, right?
>> The minimum requirements are the 1st and 2nd patches.
>> The first provides security hooks to PostgreSQL server program, and
>> the other provides ones to pg_dump command.
>> The 3rd, 4th and 5th are not necessary for the test purpose.
>
> First, let me say you have done an amazing job of producing patches for
> us, and your code quality is very high, especially considering the
> complexity of this code and your newness to our development process. My
> compliments to NEC, your employer.
>
> Also, I personally am excited about this code and what it will add to
> Postgres 8.4.
>
> I hate to ask for something else from you, but I am trying to figure out
> how we can proceed in reviewing and applying your additions. I am
> wondering if you can produce a patch that has the SE-Linux part separate
> so I can review the non-SE-Linux parts of the patch alone --- right now
> I am not 100% clear on what parts are always active as row-level SQL
> security and what needs SE-Linux to operate. I know this is an
> additional burden on you and if it is too much to ask, please tell me.
All the SELinux specific part is stored within:
- src/include/security/sepgsq.h
- src/backend/security/sepgsql/*
- Blocks enclosed by "#if defined(HAVE_SELINUX)"
in src/include/security/pgace.h
SELinux related codes are never invoked without pgaceXXXX() hooks,
so you can simply ignore the above files/parts when you are under
the reviewing to non-SELinux parts.
Rest of changes are commonly needed to manage security attribute
and to inject security hooks.
In all honesty, I hesitate to separate the patch again into two
parts to be integrated later. I would be happy, if you suggested
it a half year ago, because this feature was suggested as two
separated patches in CommitFest:May. :(
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2008-12-08 01:46:13 | Polymorphic types vs. domains |
Previous Message | Bruce Momjian | 2008-12-08 00:57:48 | Re: ALTER composite type does not work, but ALTER TABLE which ROWTYPE is used as a type - works fine |