On Fri, Dec 11, 2009 at 4:31 AM, Magnus Hagander <mag...@hagander.net> wrote:
> On Fri, Dec 11, 2009 at 05:45, Tom Lane <t...@sss.pgh.pa.us> wrote:
>> Robert Haas <robertmh...@gmail.com> writes:
>>> On Thu, Dec 10, 2009 at 5:08 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
>>>> My guess is that a credible SEPostgres offering will require a long-term
>>>> amount of work at least equal to, and very possibly a good deal more
>>>> than, what it took to make a native Windows port.
>>
>>> The SEPostgres community is surely a lot smaller than the Windows
>>> community, but I'm not sure whether the effort estimate is accurate or
>>> not. If "credible" includes "row-level security", then I think I
>>> might agree, but right now we're just trying to get off the ground.
>>
>> It's been perfectly clear since day one, and was reiterated as recently
>> as today
>> http://archives.postgresql.org/message-id/4b21757e.7090...@2ndquadrant.com
>> that what the security community wants is row-level security. The
>
> If that is true, then shouldn't we have an implementation of row level
> security *first*, and then an implementation of selinux hooks that
> work with this row level security feature? Rather than first doing
> selinux hooks, then row level security, which will likely need new
> and/or changed hooks...
>
> I'm not convinced that row level security is actually that necessary
> (though it's a nice feature, with or without selinux), but if it is,
> it seems we are approaching the problem from the wrong direction.

I don't think there's a correct ordering to SE-PostgreSQL and
row-level security. They're better together, but I don't think either
has to be done first. If we were going to pick one to do first, I'd
pick SE-PostgreSQL. Row-level security is going to be a @$#! of a
project if we want it done right (and we do).

...Robert

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers