Quick Links

Re: [RFC] sepgsql: prohibit users to relabel objects

From:	Robert Haas <robertmhaas(at)gmail(dot)com>
To:	Denis Kirjanov <kda(at)linux-powerpc(dot)org>
Cc:	"pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, alexey(at)itsirius(dot)su, Denis Kirjanov <kda(at)itsirius(dot)su>
Subject:	Re: [RFC] sepgsql: prohibit users to relabel objects
Date:	2015-04-29 18:01:36
Message-ID:	CA+TgmoYmpKy798qF=hVt_ppB=Q-TepOCcR93VPyif2NtkAm2Tw@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Wed, Apr 29, 2015 at 9:15 AM, Denis Kirjanov <kda(at)linux-powerpc(dot)org> wrote:
> Enforce access control on security labels defined by admin
> and prohibit users to relabel the objects

Really? Why? I would think it's the policy's job to restrict relabel
operations.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

[RFC] sepgsql: prohibit users to relabel objects at 2015-04-29 13:15:22 from Denis Kirjanov

Responses

Re: [RFC] sepgsql: prohibit users to relabel objects at 2015-04-29 18:12:28 from Adam Brightwell
Re: [RFC] sepgsql: prohibit users to relabel objects at 2015-04-30 08:13:50 from Denis Kirjanov

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Adam Brightwell	2015-04-29 18:12:28	Re: [RFC] sepgsql: prohibit users to relabel objects
Previous Message	Jeff Janes	2015-04-29 17:34:51	Re: Feedback on getting rid of VACUUM FULL