Andrew Dunstan wrote:
Josh Berkus wrote:
Joshua, Kohei-san,
So, for 8.4: *if* we included in 8.4 a version of SEPostgres with all
features *except* row-level security, would it still be useful to the
SELinux community?
I think we're just not going to work out the headache-inducing issues
around row-level security in time for 8.4, and it seems to me that
integrated system-level security labels at the table-and-column level
are still very useful, even without row-level security.
Hasn't a plan for this already been posted? See
http://archives.postgresql.org/pgsql-hackers/2009-01/msg02407.php
FYI:
* previous full-functional SE-PostgreSQL/Row-ACLs
[kai...@fedora10 security]$ wc -l *.c */*.c
729 pgaceCommon.c
1547 pgaceHooks.c
721 rowacl/rowacl.c
1200 sepgsql/avc.c
623 sepgsql/core.c
1019 sepgsql/hooks.c
785 sepgsql/permissions.c
1097 sepgsql/proxy.c
7721 total
* A lite SE-PostgreSQL without row-level security,
large object support, writable system column
[kai...@fedora10 sepgsql]$ wc -l *.c
904 checker.c
1181 avc.c
360 core.c
55 dummy.c
683 hooks.c
478 label.c
553 perms.c
4214 total
Today, I'll debug the modified code...
--
KaiGai Kohei <kai...@kaigai.gr.jp>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers