KaiGai Kohei wrote:

SELinux provides a certain process privilege to make backups and
restore them. In the (current) default policy, it is called "unconfined".

However, it is also *possible* to define a new special process privilege
for backup and restore tools. For example, it can access all the database
objects and can make backups, but any other process cannot touch the
backup files. It means that the DBA can launch a backup tool and it creates
a black-boxed file, then he can also launch a restore tool to restore
the black-boxed backup, but he cannot see the contents of the backup.
(It might be a similar idea to the "sudo" mechanism.)



Really? How do you enforce this black box rule for a backup made across the network? From the server's POV there is no such thing as a backup. All it sees is a set of SQL statements, all of which it might see in some other context.

cheers

andrew

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)