| From: | Joshua Brindle <method(at)manicmethod(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, Gregory Stark <stark(at)enterprisedb(dot)com>, Simon Riggs <simon(at)2ndQuadrant(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Bernd Helmle <mailings(at)oopsware(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp> |
| Subject: | Re: 8.4 release planning |
| Date: | 2009-01-26 21:28:33 |
| Message-ID: | 497E2B01.8060306@manicmethod.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Josh Berkus <josh(at)agliodbs(dot)com> writes:
>> So, some feedback to make this decision more difficult:
>
>> Users: care about HS more than anything else in the world.
>
> I don't think this is correct. There are certainly a lot of users who
> would like an in-core replication solution, but HS by itself is not that
> --- you also need (near) real-time log shipping, which we have already
> decided to punt to 8.5. That being the case, I think the argument
> that HS is a must-have feature for 8.4 is actually rather weak.
>
>> SE-Linux: this patch has effectively been in development for 2 years
>> ourside the core process before putting it in; the forked SEPostgres is
>> in use in production. KaiGai has been available for 20 hours a week (or
>> more) to troubleshoot issues and change APIs. I really don't see what
>> the problem is with committing it.
>
> The problem, in words of one syllable, is that we are not sure we want
> it. Do you see a user community clamoring for SEPostgres, or a hacker
> community that is willing or able to maintain it? If KaiGai-san got run
> over by a bus tomorrow, this patch would be a dead letter, because there
> just isn't anyone else who is taking sufficient (any?) interest in it.
> That doesn't bode well for its future viability. Compare the likely
> audience for it to previous patches of roughly similar complexity,
> such as integrated text search or the Windows port, and it's just not
> in the ballpark.
>
> The second problem is that we're not sure it's really the right thing,
> because we have no one who is competent to review the design from a
> security standpoint. But unless we get past the first problem the
> second one is moot.
>
I've never posted to this list before, but I am an SELinux upstream maintainer.
I'd just like to interject here, we (the SELinux community) are very interested
in KaiGai's work and have been looking forward to it being upstreamed for quite
some time.
While we haven't been able to analyze the patches directly to determine whether
the security goals are indeed being met we have had much discussion and
eventually community agreement on the security model being implemented. This
happened years ago and has since been merged into the SELinux reference policy
that practically all SELinux users use (distributions start with the reference
policy and add rules/modules suitable for them).
So the security model has been looked at, though not the implementation and we
do have a community of developers, users and customers interested in this work.
Joshua Brindle
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2009-01-26 21:46:01 | Re: More FOR UPDATE/FOR SHARE problems |
| Previous Message | Simon Riggs | 2009-01-26 21:25:10 | Re: 8.4 release planning |