Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)

KaiGai Kohei wrote:
>> I would like to be able to assign SQL-level ACLs and SELinux labels to
>> the same row at the same time in the same build, and have the system
>> enforce both on top of each other.
>
> In my opinion, it makes more pains (user-interface, performance, complexity
> of implementation and so on) than its benefit which allows to support MAC
> and DAC concurrently.

I am a bit surprised. I'd consider the ability to do DAC and MAC
concurrently to be absolutely essential, for several reasons:

1. DAC is managed by users, MAC by administrators.

2. They address different but concurrent use cases.

3. Transitioning to MAC will be a lot easier if it doesn't require you
to drop the DAC configuration all at once.

4. You don't propose to drop table ACLs if you enable SELinux, do you?
Same issue.

5. It's possible!

>>>> We can debate the merits of having, say, SELinux plus Solaris TX at
>>>> the same time, but if we can have two as per previous paragraph, we
>>>> should design for several.
>>>
>>> What platform is available for both of SELinux and Solaris TX?
>>
>> Well, Solaris, if you believe various rumours. I agree the case for
>> this might be weak, though.
>
> Are you saying about Solaris FMAC project?
> It is a different platform from Trusted Solaris.

Trusted Solaris was a separate fork of Solaris, which is now legacy.
The current thing is Solaris Trusted Extensions (TX), which is
integrated in normal Solaris. So when the FMAC project produces
something, it should conceivably be available in parallel to the current
TX stuff.