[PATCH] SE-PostgreSQL for v8.5 development (r1819)

The following list of patches are the latest SE-PostgreSQL (r1819).

http://sepgsql.googlecode.com/files/sepgsql-01-sysatt-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-02-core-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-03-writable-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-04-rowlevel-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-05-perms-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-06-utils-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-07-tests-8.4beta1-r1819.patch
http://sepgsql.googlecode.com/files/sepgsql-08-docs-8.4beta1-r1819.patch

List of updates:
* The base version was updated to the latest CVS HEAD.
* The code to receice notifications from the kernelspace via netlink
socket was simplified using the new avc_netlink_xxx() APIs.
* It enables to handle permissive domain on the upcoming linux-2.6.31.
* It enables to handle undefined permissions in the policy correctly.

The purpose of every patches are not changed.

Thanks,

KaiGai Kohei wrote:
> The following list of patches are the initial revision of SE-PostgreSQL
> on the v8.5 development cycle.
> These are separated into several functional components to help review
> and commit in earlier phase. Every patches (except for the core) have
> abour 1KL scales. It is far smaller than them in a year ago. :-)
>
> http://sepgsql.googlecode.com/files/sepgsql-01-sysatt-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-02-core-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-03-writable-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-04-rowlevel-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-05-perms-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-06-utils-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-07-tests-8.4devel-r1769.patch
> http://sepgsql.googlecode.com/files/sepgsql-08-docs-8.4devel-r1769.patch
>
> Needless to say, it is now designed on 8.4devel tree, so anyone who want
> to build/install SE-PostgreSQL can apply these patches by hand.
> I'll also update and fix them with the progress of v8.4 development.
> Before you apply them, please confirm whether they are the latest, or not.
>
> Bruice,
> | KaiGai-san, the only option I can offer is perhaps to list a URL for
> | your SE-PostgreSQL patch to be applied by people who want to use SE-PG.
>
> Does it mean I need to submit a patch to add an introduction under doc/ ?
> If so, I'll submit it as soon as possible.
>
> Thanks,
>
>
> 01) Security system attribute support
> scale: 38 files changed, 853 insertions(+), 1 deletion(-), 113 modifications(!)
> This patch adds a new system catalog "pg_security" and enables to store
> security identifier associated to a text representation within padding
> area of HeapTupleHeader, as object identifier doing.
> It is a foundation of any other facilities.
>
> 02) Core facilities of SE-PostgreSQL
> scale: 55 files changed, 3588 insertions(+), 10 deletions(-), 736 modifications(!)
> This patch adds a mandatory access control feature collaborating with
> SELinux in table, column, procedure level granurality. Most of this
> patch is same as I proposed in the v8.4 development cycle, except for
> it is designed on the basis of security system attribute support.
>
> 03) Writable system column support
> scale: 7 files changed, 298 insertions(+), 199 modifications(!)
> This patch enables users to update/insert on system columns ("security_label"
> and "security_acl") with explicit values. This feature is necessary to provide
> a user interface for row-level access controls.
>
> 04) Row-level access controls support
> scale: 31 files changed, 1101 insertions(+), 231 modifications(!)
> This patch enables to apply mandatory/discretionary access control in row-level
> granularity also.
>
> 05) Advanced permission checks support
> scale: 18 files changed, 858 insertions(+), 3 deletions(-), 43 modifications(!)
> This patch add some of advanced permission checks:
> - file:{read write} on server side filesystem accesses
> - db_procedure:{install} on user defined functions as system internal ones
> - db_database:{load_module install_module} on binary shared library files
> In the v8.4 development, these are suggested to separate from the core.
>
> 06) Security options in utilities
> scale: 4 files changed, 95 insertions(+), 116 modifications(!)
> This patch adds options on utilities
> - "--enable-selinux" option for initdb
> - "--security-label" option for pg_dump and pg_dumpall
>
> 07) Testcases of SE-PostgreSQL
> scale: 18 files changed, 1819 insertions(+), 2 modifications(!)
> This patch adds testcases for SE-PostgreSQL.
>
> 08) Documentation of SE-PostgreSQL
> scale: 16 files changed, 1595 insertions(+), 42 modifications(!)
> This patch adds documentations for SE-PostgreSQL
>
> 0X) Upcoming patches
> The following patches are upcoming now.
> * Reclaim of unused entries in pg_security
> I have a plan to implement it based on the idea from Robert Haas in:
> http://archives.postgresql.org/message-id/603c8f070901281818u3e1fa70brd28e1bfac7adfea9@mail.gmail.com
>
> * System audit integration with SE-PostgreSQL
> Linux has system audit stuff which is used by in-kernel SELinux and
> its userspace facilities can output audit messages here.
> Now SE-PostgreSQL writes out audit messages into PostgreSQL logs,
> but it is more desirable to write it on system audit.
>

--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>