Re: 8.4 release planning

On Wed, Jan 28, 2009 at 4:28 AM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:

> Greg Smith wrote:
>
>> PostgreSQL advocacy point, one of the questions Tom asked about a bit
>> upthread is still a bit hazy here. There are commercial database offerings
>> selling into the "trusted" space already. While the use-cases you describe
>> make perfect sense, I don't think it's clear to everyone yet if there's a
>> unique draw to a PostgreSQL + selinux solution that the class of customers
>> you're talking about would prefer it to purchasing one of those products.
>> Is the cost savings the main driver here, or is there something else about
>> a secure LAPP stack that makes it particularly compelling?
>>
>
> According to the data available to me, it is a combination of doing it
> better than the other guys (e.g., a SELinux type interface instead of
> something handcrafted) and the usual cost savings.
>

I don't know about better, but I would definitely say that it's a more
integrated (with the OS) solution. Can you get Oracle to use SELinux
policies? Sure. But it would take a combination of Label Security, Fine
Grained Access Control tweaks, custom C functions, and custom policies to
handle the access control. And, it would cost a helluva lot of money.

In short, this would make Postgres quite a bit more appetizing to those who
need this functionality, those who prefer SELinux-based policies, and those
who don't have the time/money to do it in systems like Oracle. How many
people is that? Based on my consulting experience and questions from
DoD/DoE people specifically, I think the number of people needing this
feature is fairly small right now. But, it wouldn't hurt us to have it.

Just to make it clear, this feature wouldn't make Postgres a "trusted"
database in any certification sense. So, using that term would likely cause
confusion and get people who used it thinking it had an EAL certification
into trouble.

--
Jonah H. Harris, Senior DBA
myYearbook.com