Now we have just a month due to the final deadline.
I think we could sort out and make clear its conceptual issues
during CommitFest:Sep. So, I think it is good time that we can
move to the disucussion about its implementation.
Anyway, I want any suggestions what should I pay my efforts to
during the remaining month.
Thanks,
KaiGai Kohei wrote:
I updated the following SE-PostgreSQL patches:
[1/5]
http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r1076.patch
[2/5]
http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r1076.patch
[3/5]
http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r1076.patch
[4/5]
http://sepgsql.googlecode.com/files/sepostgresql-docs-8.4devel-3-r1076.patch
[5/5]
http://sepgsql.googlecode.com/files/sepostgresql-tests-8.4devel-3-r1076.patch
- Patches are rebased to the latest CVS HEAD.
- Improvement of performance penalty for access checks.
Reworks in access vector chache enables to reduce performance loss, as
follows:
http://kaigai.sakura.ne.jp/sblo_files/kaigai/image/080930_sepgsql_performance.png
It shows about 8% loss in maximum, and larger scale database give us
smaller losses in trend.
- Add a hook to check permission on "COPY TO/FROM <file>".
In the previous version, SE-PostgreSQL does not check permissions
to the file used in COPY statement. It is fixed.
- Documentation updates
- Descriptions for build & install are reworked, because most of
security policy for SE-PostgreSQL now got merged into the upstream
selinux-policy package.
- Add a "Limitation" section to describe about covert channel and
reference integrity.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
