Re: SE-PostgreSQL/Lite Review
| От | Joshua Brindle |
|---|---|
| Тема | Re: SE-PostgreSQL/Lite Review |
| Дата | |
| Msg-id | 4B227445.5030609@manicmethod.com обсуждение исходный текст |
| Ответ на | Re: SE-PostgreSQL/Lite Review (Joshua Brindle <method@manicmethod.com>) |
| Список | pgsql-hackers |
Joshua Brindle wrote: > Greg Smith wrote: >> It's funny; we started out this CommitFest with me scrambling to find >> someone, anyone, willing to review the latest SE-PostgreSQL patch, >> knowing it was a big job and few were likely to volunteer. Then >> schedules lined up just right, and last night I managed to get a great >> group of people all together to do perhaps the biggest single patch >> review ever, to work on just that. I gathered up a list of the biggest >> concerns about this feature and its associated implementation, we got a >> number of regular PostgreSQL hackers and two of the security guys you've >> seen on this list all in the same room, and we talked about little but >> SEPostgreSQL for hours. Minutes are at >> http://wiki.postgresql.org/wiki/SEPostgreSQL_Review_at_the_BWPUG and I'd >> suggest anyone interested in this feature (or in rejecting this feature) >> to take a look at what we covered. >> > > I just wanted to add some talking notes here. > > User base for the feature: > > While my goals for this feature line up with military/government users > this is in no way the extent of the potential user base. The fact is > most people won't know they want this feature until it is available. Why > is that? Well, how many of you have written webapps and implemented > policy logic in your application rather than the database level? Why do > people currently feel the need to do this? Is it even possible to > implement some complex policies (eg., PCI compliance) at the database > level? If PostgreSQL version whatever suddenly had the ability to > implement the policy logic in the database, would you move it there? I > know I would.. > > Audit: > > In past conversations it sounded like some of the Postgres community was > skeptical even about the design of the security model. For an even > earlier look (September 2006) of KaiGai and the SELinux community > talking about the object model and even high level design of the > solution see <http://marc.info/?l=selinux&m=115762285013528&w=2> > I highly suggest a quick read of the above thread, it shows how we established an object model in fairly short order. The conversation also continues here: <http://marc.info/?l=selinux&m=115786457722767&w=2> and also here: <http://marc.info/?l=selinux&m=117160445604805&w=2> <http://marc.info/?l=selinux&m=117160445611588&w=2> <http://marc.info/?l=selinux&m=117160445608517&w=2>
В списке pgsql-hackers по дате отправления: