Skip site navigation (1) Skip section navigation (2)

Re: How to get SE-PostgreSQL acceptable

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>, Joshua Brindle <method(at)manicmethod(dot)com>
Subject: Re: How to get SE-PostgreSQL acceptable
Date: 2009-01-29 00:03:21
Message-ID: 4980F249.8040304@ak.jp.nec.com (view raw or flat)
Thread:
Lists: pgsql-hackers
Good morning, I started to follow the discussion.
(Time difference is unconfortable for me!)

>> adding SELinux support for the existing levels of access control in PG
> 
> is
> 
> - table/column level access controls
> - permission checks on database login
> - permission checks on function invocation
>  - they need a facility to manage security label
> - I want permission checks on loading a library,
>   though existing PG checks superuser() only.
> 
> and
> - removing PGACE, integrate SEPG code into core
> - permission checks on largeobjects is postponed
> - row level security is postponed (NOT REJECTED!)
>  - so, writable system column is also postponed

If I postponed a part of functionalities as Stephen suggested,
how many lines can be reduced? It is a quick estimation.

Currently, the main patch has:
  110 files changed, 9813 insertions(+), 16 deletions(-), 924 modifications(!)

* src/backend/commands/copy.c              |  293 +++!
  Most of them are to support writable system column,
  so about -300 lines are expected.
* src/backend/executor/execMain.c          |  209 +++
  Most of them are to support writable system column,
  so about -200 lines are expected
* src/backend/security/pgaceCommon.c       |  729 ++++++++++++
  It will get scraped, but management of security attribute
  has to SELinux specific code, so -250 lines are expected
* src/backend/security/pgaceHooks.c        | 1547 ++++++++++++++++++++++++++
  It will be gone, so -1550 lines are expected
* src/backend/security/rowacl/rowacl.c     |  721 ++++++++++++
  It will be postponed, -700 lines are expected
* src/backend/security/sepgsql/hooks.c     | 1019 +++++++++++++++++
  A part of permission checks (aka row,blob) is postponed,
  so -300 lines are expected.
* src/include/security/pgace.h             |  181 +++
* src/include/security/rowacl.h            |   41
  It will be gone, so -200 lines are expected

At the total, -3,200 lines are expected.
In addition, any other small-sized stuffs can be postponed.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>

In response to

pgsql-hackers by date

Next:From: Joshua BrindleDate: 2009-01-29 00:31:18
Subject: Re: How to get SE-PostgreSQL acceptable
Previous:From: Tom LaneDate: 2009-01-28 23:57:52
Subject: Re: How to get SE-PostgreSQL acceptable

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group