Re: SE-PgSQL patch review

From: Greg Stark <gsstark(at)mit(dot)edu>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com, David Fetter <david(at)fetter(dot)org>, Bruce Momjian <bruce(at)momjian(dot)us>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: SE-PgSQL patch review
Date: 2009-12-02 23:05:51
Message-ID: 407d949e0912021505y6e0572e1w18618534effa2be4@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Wed, Dec 2, 2009 at 3:30 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>  Red Hat's
> policy has been trying to cope with cases like "which directories should
> Apache be allowed to read, *given that it's running a Red-Hat-standard
> configuration*?"  That's far more circumscribed than any useful database
> policy would be, because database applications aren't nearly that
> standardized.

Actually that does sound useful for Redhat packages which themselves
use database. So for example if I install my Redhat spam filter it
should be able to automatically run createdb and load its schema and
start using postgres as a backing store. Currently I think a lot of
packages use sqlite by default just because manual intervention is
required to set up postgres.

So I'm unclear what advantage this has for Redhat and sysadmins over
just setting up the database directly but then I'm unclear what the
advantage is for SELinux in the first place so I'm probably just not
in the target audience for it. But this seems like it would be
directly analogous. I suppose an admin would be able to delegate more
control to a new admin

--
greg

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Alvaro Herrera 2009-12-03 00:10:30 Re: [PATCH] Windows x64
Previous Message Adrian Klaver 2009-12-02 22:49:15 Re: Catastrophic changes to PostgreSQL 8.4