Re: SE-PgSQL patch review

KaiGai Kohei wrote:



===
Joshua D. Drake wrote:
> On Tue, 2009-12-01 at 14:46 -0500, Tom Lane wrote:
>> "Joshua D. Drake" <jd@commandprompt.com> writes:
>>> On Mon, 2009-11-30 at 20:28 -0800, David Fetter wrote:
>>>> This is totally separate from the really important question of whether
>>>> SE-Linux has a future, and another about whether, if SE-Linux has a
>>>> future, PostgreSQL needs to go there.
>>> Why would we think that it doesn't?
>> Have you noticed anyone except Red Hat taking it seriously?
> 
> I just did a little research and it appears the other two big names in
> this world (Novel and Ubuntu) are using something called App Armor.

As far as I can see, SUSE, Ubuntu and Debian provide SELinux option.
But they are more conservative than RedHat/Fedora, because it is not
enabled in the default installation.

I don't think it is unpreferable decision. Users can choose the option
by themself according to requirements in the system.

===

How much of the work currently at hand might be applicable to other security models ? Would this be useful groundwork
foranyone who wanted to implement other frameworks in terms of hooks, cleanup of existing code, etc. ?
 

Greg W.
-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers