Re: Adding support for SE-Linux security

Josh Berkus wrote:
> Bruce,
>
>> If we decide not to support SE-Linux, it is unlikely we will be adding
>> support for any other external security systems because SE-Linux has the
>> widest adoption.
>>
>> I think the big question is whether we are ready to extend Postgres to
>> support additional security infrastructures.
>
> PostgreSQL is the most security-conscious of the OSS databases, and is
> widely used by certain groups (security software, military, credit card
> processing) precisely because of this reputation. These folks, while
> unlikely to speak up on -hackers, are interested in new/further security
> features; when I was at the Pentagon 2 years ago several people there
> from HS were quite interested in SE-Postgres specifically. Further,
> I've been mentioning SE-Postgres in my "DB security talk" for the last
> 18 months and I *always* get a question about it.
>
> So while there might not be vocal proponents for innovative/hard-core
> security frameworks on this list currently, I think it will gain us some
> new users. Maybe more than we expect.

Good, I also have gotten many voices, questions and requirements from
the viewpoints of enterprise users who make plans to launch their SaaS
system typically.

Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>