Re: Adding support for SE-Linux security

Kevin Grittner escribió:

> > I'd like to see us be able to support it.  One of the things that
> > I think would be worth looking into is whether there is a way to
> > make this pluggable, so that selinux and apparmor and trusted
> > solaris and so on could make use of the same framework
>  
> Given the extreme patience and diligence exhibited by KaiGai, I
> hesitate to say this, but it seems to me that this would be
> critically important for the long term success of this feature.  I
> have no idea how much work it would be to make the interface to the
> external security system pluggable, but if it's at all feasible, I
> think it should be done.

This is how the code was developed initially -- the patch was called
PGACE and SELinux was but the first implementation on top of it.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support