Re: Updates of SE-PostgreSQL 8.4devel patches (r1704)

On Mon, 2009-03-09 at 20:55 -0400, Tom Lane wrote:
> "Joshua D. Drake" <jd@commandprompt.com> writes:
> > I know we are a little uncomfortable here but KaiGai-San (forgive me if
> > I type that wrong) has proven to be a contributor in his own right,

> 
> Perhaps it would help you calibrate the problem if I stated that
> I wouldn't trust a patch for this purpose written by myself, let
> alone somebody who hasn't been hacking the backend for ten years.
> (Where "this purpose" means the type of control KaiGai-san seems
> to hope to enforce, as opposed to just plugging some additional
> constraints into the existing ACL-check routines.)

I think you misunderstand me. I have watched this thread very closely
because it has specific strategic interest. For the record:
* This patch does scare me* With great risk comes great reward

So my question is, if the default is that sepostgres is disabled and can
only be enabled via a compile time option, are your concerns just as
weighty? What about marking the feature "experimental".

./configure --help
--enable-se     Enables SE version of PostgreSQL for linux platforms
(experimental)

Yes it would be a break from what we do but it wouldn't hurt us to be
just a "little" bit less stodgy as long as it is done in a responsible
manner.

Sincerely,

Joshua D. Drake


> 
>             regards, tom lane
> 
-- 
PostgreSQL - XMPP: jdrake@jabber.postgresql.org  Consulting, Development, Support, Training  503-667-4564 -
http://www.commandprompt.com/ The PostgreSQL Company, serving since 1997