| From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
|---|---|
| To: | Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com> |
| Cc: | jd(at)commandprompt(dot)com, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, David Fetter <david(at)fetter(dot)org>, Bruce Momjian <bruce(at)momjian(dot)us>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SE-PgSQL patch review |
| Date: | 2009-12-03 02:18:59 |
| Message-ID: | 4B172013.4040100@ak.jp.nec.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Ron Mayer wrote:
> Joshua D. Drake wrote:
>> On Tue, 2009-12-01 at 14:46 -0500, Tom Lane wrote:
>>> "Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
>>>> On Mon, 2009-11-30 at 20:28 -0800, David Fetter wrote:
>>>>> This is totally separate from the really important question of whether
>>>>> SE-Linux has a future, and another about whether, if SE-Linux has a
>>>>> future, PostgreSQL needs to go there.
>>>> Why would we think that it doesn't?
>>> Have you noticed anyone except Red Hat taking it seriously?
>> I just did a little research and it appears the other two big names in
>> this world (Novel and Ubuntu) are using something called App Armor.
>
> How much of SE-PgSQL would also complement the App Armor framework?
>
> Also, yet another MAC system called Tomoyo from NTT was merged into
> the linux kernel earlier this year.
>
> Is SE-PgSQL orthogonal and/or complimentary to all of those?
>
> Since I see MAC features continuing to be added to operating
> systems, I can certainly imagine they're important to some
> customers.
Yes, nowadays, Linux has three MAC options: Linux, Smack and Tomoyo.
And AppArmor is now under discussion to merge it.
*In the current state*, our security hooks invoke SE-PgSQL routines
directly, unlike LSM framework in Linux, because it is the first
option for us, and no need to support multiple options now.
(It will simply increase the size of changeset in this stage.)
However, when the second option comes in, we can easily enhance the
security hooks to support multiple MAC framework.
The Smack also needs security label. It will be able to share facilities
to manage security context with SE-PgSQL.
I've often talked with developers of TOMOYO Linux. They currently give
higher priority to upstream all their functionalities into Linux.
But it also may be a valueable theme for them.
At least, I don't think it requires much different hook points more
than SELinux support.
AppArmor's access control model is similar to TOMOYO.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2009-12-03 02:19:30 | Re: set the cost of an aggregate function |
| Previous Message | Robert Haas | 2009-12-03 02:12:39 | Re: Re: [COMMITTERS] pgsql: Rewrite GEQO's gimme_tree function so that it always finds a |