Re: security labels on databases are bad for dump & restore

2015-07-15 2:39 GMT+09:00 Ted Toth <txtoth(at)gmail(dot)com>:
> That's exactly what I'm talking about like I said KaiGais branch was
> never merged into the mainline so I do not believe that it is used at
> all.
>
It depends on the definition of "integrated".
The PostgreSQL core offers an infrastructure for label based security
mechanism, not only selinux. Also, one extension module that is
usually distributed with PosgreSQL bridges the world of database and
the world of selinux (even though all the features I initially designed
are not yet implemented). I like to say it is integrated.

> On Tue, Jul 14, 2015 at 12:28 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
>> On Tue, Jul 14, 2015 at 1:22 PM, Ted Toth <txtoth(at)gmail(dot)com> wrote:
>>> I'm sort of new to this so maybe I'm missing something but since the
>>> sepgsql SELinux userspace object manager was never integrated into
>>> postgresql (AFAIK KaiGais branch was never merged into the mainline)
>>> who uses these labels? What use are they?
>>
>> See contrib/sepgsql
>>
>> --
>> Robert Haas
>> EnterpriseDB: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company

--
KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>