| From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, josh(at)agliodbs(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep) |
| Date: | 2008-09-24 04:37:23 |
| Message-ID: | 48D9C403.6030504@ak.jp.nec.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian wrote:
> Robert Haas wrote:
>>> I think the answer is yes, because (as others have said) if we ever want
>>> to have SQL-level per-row permissions, then we can implement them with
>>> no change to the patch currently in discussion.
>> If that's true, it weighs somewhat in favor of accepting this patch,
>> but how sure are we that it's really the case? If you only have one
>> implementation sitting on top of your abstraction layer, it's hard to
>> know whether you've implemented a general framework for doing X or
>> merely an interface that happens to suit the particular flavor of X
>> that you want to do today.
>
> Yes, that is my point, and SE-Linux is just Linux, meaning it is
> OS-specific, making it even less generally useful.
I believe the upcomig "fine-grained security" patch enables to make
clear the security framework is NOT specific for SELinux only.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-09-24 04:50:36 | Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep) |
| Previous Message | Robert Treat | 2008-09-24 04:30:22 | Re: Hot Standby Design |