Re: Reworks for Access Control facilities (r2363)

From: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Reworks for Access Control facilities (r2363)
Date: 2009-10-19 04:21:56
Message-ID: 4ADBE964.30608@ak.jp.nec.com
Lists: pgsql-hackers

Robert Haas wrote:
> On Sat, Oct 17, 2009 at 9:53 AM, Heikki Linnakangas
> <heikki(dot)linnakangas(at)enterprisedb(dot)com> wrote:
>> This raises an important point: We need *developer documentation* on how
>> to write SE-Pgsql compliant permission checks. Not only for authors of
>> 3rd party modules but for developers of PostgreSQL itself. Point 2)
>> above needs to be emphasized, it's a big change in the way permission
>> checks have to be programmed. One that I hadn't realized before. I
> haven't been paying much attention, but neither are most other
>> developers, so we need clear documentation.
>
> This is a good point. All throughout these discussions, there has
> been a concern that whatever is implemented here will be
> unmaintainable because we don't have any committers who are familiar
> with the ins and outs of SE-Linux and MAC (and not too many other
> community members interested in the topic, either). So some developer
> documentation seems like it might help.
>
> On the other hand, KaiGai has made several attempts at documentation
> and several attempts at patches and we're not really any closer to
> having SE-PostgreSQL in core than we were a year ago. I think that's
> partly because KaiGai tried to bite off far too much initially
> (still?), partly because of technical problems with the patches,
> partly because the intersection of people who are experts in
> PostgreSQL and people who are experts in MAC seems to be empty, and
> partly because, as much as people sorta kinda like this feature,
> nobody other than KaiGai has really been willing to step up and pour
> into this project the kind of resources that it will likely require to
> be successful.
>
> I have to admit that I'm kind of giving up hope. We seem to be going
> in circles, and I don't think anything new is being said on this
> thread that hasn't been said before.

We may not always be able to find the right way to the mountain summit.
Indeed, it seems that we have returned to the original design, which deploys
SE-PgSQL's hooks at the strategic points.
But there is a significant improvement. We learned that several designs
which we already tried were on a rocky path, although they looked like
an easy path at first.

I agree with Heikki's suggestion.
In addition to user documentation, we need further documentation from the
developer's viewpoint, which describes what permissions are defined,
what the purpose of SE-PgSQL's hooks is, and when/where they are called.

Thanks,

BTW, as I noted in the last message, I have to devote my time
to the Japan Linux Symposium this week. So responses may be delayed, sorry.

http://events.linuxfoundation.org/events/japan-linux-symposium/schedule

--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
