Bruce, > If we decide not to support SE-Linux, it is unlikely we will be adding > support for any other external security systems because SE-Linux has the > widest adoption. > > I think the big question is whether we are ready to extend Postgres to > support additional security infrastructures.
PostgreSQL is the most security-conscious of the OSS databases, and is widely used by certain groups (security software, military, credit card processing) precisely because of this reputation. These folks, while unlikely to speak up on -hackers, are interested in new/further security features; when I was at the Pentagon 2 years ago several people there from HS were quite interested in SE-Postgres specifically. Further, I've been mentioning SE-Postgres in my "DB security talk" for the last 18 months and I *always* get a question about it. So while there might not be vocal proponents for innovative/hard-core security frameworks on this list currently, I think it will gain us some new users. Maybe more than we expect. When GIS was introduced to this list ten years ago it was criticized as a marginal feature and huge and intrusive. But today it's probably 40% of our user base, and growing far more rapidly than anything else with Postgres. Maybe SE will be more like Rules than like GIS in the long run, but there's no way for us to know that today. --Josh Berkus -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers