Re: Adding support for SE-Linux security
| От | Robert Haas |
|---|---|
| Тема | Re: Adding support for SE-Linux security |
| Дата | |
| Msg-id | 603c8f070912101741j4d3bff30m9b0c547b4bdf7a9d@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Adding support for SE-Linux security (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Adding support for SE-Linux security
|
| Список | pgsql-hackers |
On Thu, Dec 10, 2009 at 5:08 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > If I thought that Bruce could go off in a corner and make this happen > and it would create no demands on anybody but him and KaiGai-san, I > would say "fine, if that's where you want to spend your time, go for > it". But even to state that implied claim is to see how false it is. > Bruce is pointing to the Windows port, but he didn't make it happen > by himself, or any close approximation of that. Everybody who works > on this project has been affected by that, and we're *still* putting > significant amounts of time into Windows compatibility, over five years > later. This is also one of my concerns. Bruce has been careful to say that he will either make this happen himself or find others to help. The thing is, who are the others, are they people we already trust, and how do we know whether they'll be around after this is committed? I'm excited to see Greg Smith getting more involved in dealing with this patch-set, and I know Stephen Frost did some reviewing as well, but overall the community support has been pretty limpid. It's probably impossible to completely eliminate the impact of this feature on the community, but having a core of involved people - preferably including several committers - who will maintain it would help a lot. We're not there yet. > My guess is that a credible SEPostgres offering will require a long-term > amount of work at least equal to, and very possibly a good deal more > than, what it took to make a native Windows port. If SEPostgres could > bring us even 10% as many new users as the Windows port did, it'd > probably be a worthwhile use of our resources. But again, that's an > assumption that's difficult to type without bursting into laughter. The SEPostgres community is surely a lot smaller than the Windows community, but I'm not sure whether the effort estimate is accurate or not. If "credible" includes "row-level security", then I think I might agree, but right now we're just trying to get off the ground. ...Robert
В списке pgsql-hackers по дате отправления: