Re: 8.4 release planning

On 1/26/09 4:28 PM, "Joshua Brindle" <method(at)manicmethod(dot)com> wrote:

> Tom Lane wrote:
>> Josh Berkus <josh(at)agliodbs(dot)com> writes:
<snip>
>>> SE-Linux: this patch has effectively been in development for 2 years
>>> ourside the core process before putting it in; the forked SEPostgres is
>>> in use in production. KaiGai has been available for 20 hours a week (or
>>> more) to troubleshoot issues and change APIs. I really don't see what
>>> the problem is with committing it.
>>
>> The problem, in words of one syllable, is that we are not sure we want
>> it. Do you see a user community clamoring for SEPostgres, or a hacker
>> community that is willing or able to maintain it? If KaiGai-san got run
>> over by a bus tomorrow, this patch would be a dead letter, because there
>> just isn't anyone else who is taking sufficient (any?) interest in it.
>> That doesn't bode well for its future viability. Compare the likely
>> audience for it to previous patches of roughly similar complexity,
>> such as integrated text search or the Windows port, and it's just not
>> in the ballpark.
>>
>> The second problem is that we're not sure it's really the right thing,
>> because we have no one who is competent to review the design from a
>> security standpoint. But unless we get past the first problem the
>> second one is moot.
>>
>
>
> I've never posted to this list before, but I am an SELinux upstream
> maintainer.
>
> I'd just like to interject here, we (the SELinux community) are very
> interested
> in KaiGai's work and have been looking forward to it being upstreamed for
> quite
> some time.
>
> While we haven't been able to analyze the patches directly to determine
> whether
> the security goals are indeed being met we have had much discussion and
> eventually community agreement on the security model being implemented. This
> happened years ago and has since been merged into the SELinux reference policy
> that practically all SELinux users use (distributions start with the reference
> policy and add rules/modules suitable for them).
>
> So the security model has been looked at, though not the implementation and we
> do have a community of developers, users and customers interested in this
> work.
>
I'd just like to echo Josh's sentiments. I'm also active in the SELinux
community, and have been involved in several developments that really needed
a database with mandatory access control mechanisms. Unfortunately, these
developments have all had maintenance requirements that precluded using
KaiGai's code as it was outside not in a commercial distribution. We've been
waiting anxiously for it to be merged upstream.

Additionally, I've talked to many other end users that really want to deploy
LAPP stacks with these security features. They often came to us looking for
us to help them build such systems, but we've had to turn them away as there
was no supported way to build it.

Thanks,
Chad Sellers