KaiGai Kohei wrote: > > I hate to ask for something else from you, but I am trying to figure out > > how we can proceed in reviewing and applying your additions. I am > > wondering if you can produce a patch that has the SE-Linux part separate > > so I can review the non-SE-Linux parts of the patch alone --- right now > > I am not 100% clear on what parts are always active as row-level SQL > > security and what needs SE-Linux to operate. I know this is an > > additional burden on you and if it is too much to ask, please tell me. > > All the SELinux specific part is stored within: > - src/include/security/sepgsq.h > - src/backend/security/sepgsql/* > - Blocks enclosed by "#if defined(HAVE_SELINUX)" > in src/include/security/pgace.h > > SELinux related codes are never invoked without pgaceXXXX() hooks, > so you can simply ignore the above files/parts when you are under > the reviewing to non-SELinux parts. > Rest of changes are commonly needed to manage security attribute > and to inject security hooks. > > In all honesty, I hesitate to separate the patch again into two > parts to be integrated later. I would be happy, if you suggested > it a half year ago, because this feature was suggested as two > separated patches in CommitFest:May. :(
Thanks, that's what I needed to know. -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
