Joshua Brindle wrote:
Greg Smith wrote:
It's funny; we started out this CommitFest with me scrambling to find
someone, anyone, willing to review the latest SE-PostgreSQL patch,
knowing it was a big job and few were likely to volunteer. Then
schedules lined up just right, and last night I managed to get a great
group of people all together to do perhaps the biggest single patch
review ever, to work on just that. I gathered up a list of the biggest
concerns about this feature and its associated implementation, we got a
number of regular PostgreSQL hackers and two of the security guys you've
seen on this list all in the same room, and we talked about little but
SEPostgreSQL for hours. Minutes are at
http://wiki.postgresql.org/wiki/SEPostgreSQL_Review_at_the_BWPUG and I'd
suggest anyone interested in this feature (or in rejecting this feature)
to take a look at what we covered.
I just wanted to add some talking notes here.
User base for the feature:
While my goals for this feature line up with military/government users
this is in no way the extent of the potential user base. The fact is
most people won't know they want this feature until it is available. Why
is that? Well, how many of you have written webapps and implemented
policy logic in your application rather than the database level? Why do
people currently feel the need to do this? Is it even possible to
implement some complex policies (eg., PCI compliance) at the database
level? If PostgreSQL version whatever suddenly had the ability to
implement the policy logic in the database, would you move it there? I
know I would..
Audit:
In past conversations it sounded like some of the Postgres community was
skeptical even about the design of the security model. For an even
earlier look (September 2006) of KaiGai and the SELinux community
talking about the object model and even high level design of the
solution see <http://marc.info/?l=selinux&m=115762285013528&w=2>
I highly suggest a quick read of the above thread, it shows how we
established an object model in fairly short order. The conversation also
continues here: <http://marc.info/?l=selinux&m=115786457722767&w=2>
and also here:
<http://marc.info/?l=selinux&m=117160445604805&w=2>
<http://marc.info/?l=selinux&m=117160445611588&w=2>
<http://marc.info/?l=selinux&m=117160445608517&w=2>
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
