Re: How to get SE-PostgreSQL acceptable
| От | KaiGai Kohei |
|---|---|
| Тема | Re: How to get SE-PostgreSQL acceptable |
| Дата | |
| Msg-id | 49839B2F.4060008@kaigai.gr.jp обсуждение исходный текст |
| Ответ на | Re: How to get SE-PostgreSQL acceptable (Andrew Dunstan <andrew@dunslane.net>) |
| Ответы |
Re: How to get SE-PostgreSQL acceptable
|
| Список | pgsql-hackers |
Andrew Dunstan wrote: > > > Josh Berkus wrote: >> Joshua, Kohei-san, >> >> So, for 8.4: *if* we included in 8.4 a version of SEPostgres with all >> features *except* row-level security, would it still be useful to the >> SELinux community? >> >> I think we're just not going to work out the headache-inducing issues >> around row-level security in time for 8.4, and it seems to me that >> integrated system-level security labels at the table-and-column level >> are still very useful, even without row-level security. > > Hasn't a plan for this already been posted? See > http://archives.postgresql.org/pgsql-hackers/2009-01/msg02407.php FYI: * previous full-functional SE-PostgreSQL/Row-ACLs [kaigai@fedora10 security]$ wc -l *.c */*.c 729 pgaceCommon.c 1547 pgaceHooks.c 721 rowacl/rowacl.c 1200 sepgsql/avc.c 623 sepgsql/core.c 1019 sepgsql/hooks.c 785 sepgsql/permissions.c 1097 sepgsql/proxy.c 7721 total * A lite SE-PostgreSQL without row-level security, large object support, writable system column [kaigai@fedora10 sepgsql]$ wc -l *.c 904 checker.c 1181 avc.c 360 core.c 55 dummy.c 683 hooks.c 478 label.c 553 perms.c 4214 total Today, I'll debug the modified code... -- KaiGai Kohei <kaigai@kaigai.gr.jp>
В списке pgsql-hackers по дате отправления: