Tom Lane wrote:
> KaiGai Kohei <[EMAIL PROTECTED]> writes:
There are also
some interesting questions about SQL spec compliance and whether a
database that silently hides some rows from you will give semantically
consistent results.
>>> Yeah -- that's a potentially serious issue;
KaiGai Kohei <[EMAIL PROTECTED]> writes:
>>> There are also
>>> some interesting questions about SQL spec compliance and whether a
>>> database that silently hides some rows from you will give semantically
>>> consistent results.
>>
>> Yeah -- that's a potentially serious issue; KaiGai, have you l
... which presumably wouldn't involve any added dependency on outside
code.
For people who are already using SELinux or Trusted Solaris, making the
database dependent on that infrastructure might be seen as a plus, but
I'm not sure the rest of the world would be pleased.
Yes, I was thinking t
Josh Berkus <[EMAIL PROTECTED]> writes:
> Give the team some credit, though; they've managed to come up with a
> system that integrates OS-level ACLs for both SElinux and TxSol, are not
> asking us to incorporate two different sets, and are coming to us with a
> serious proposal that has a lot o
Tom, Andrew, KaiGai,
"Andrew Dunstan" <[EMAIL PROTECTED]> writes:
What's more, we have a SoC project for column level access controls.
I don't see the SE stuff as a replacement for that, since it apparently
exists outside the standard SQL security model.
... which presumably wouldn't invo
For people who are already using SELinux or Trusted Solaris, making the
database dependent on that infrastructure might be seen as a plus, but
I'm not sure the rest of the world would be pleased.
Even where SELinux is available it has had mixed reviews - I habitually
disable it.
The relatio
Tom Lane wrote:
> "Andrew Dunstan" <[EMAIL PROTECTED]> writes:
>> What's more, we have a SoC project for column level access controls.
>
> ... which presumably wouldn't involve any added dependency on outside code.
> For people who are already using SELinux or Trusted Solaris, making the
> databas
Tom Lane wrote:
> Josh Berkus <[EMAIL PROTECTED]> writes:
>> Column level? We don't currently support that, except through VIEWs.
>> How is it implemented?
>
> It wasn't clear to me how much of this is actually working today and how
> much is a paper design --- one thing in particular that stood
Josh Berkus wrote:
> KaiGai,
>
>> It provides database users fine grained mandatory access control
>> including row and column level one, and integration with operating
>> system security policy.
>
> Column level? We don't currently support that, except through VIEWs.
> How is it implemented?
P
Tom Lane wrote:
"Andrew Dunstan" <[EMAIL PROTECTED]> writes:
What's more, we have a SoC project for column level access controls.
... which presumably wouldn't involve any added dependency on outside code.
Quite so. You can see the project description at
http://code.google.com/so
"Andrew Dunstan" <[EMAIL PROTECTED]> writes:
> What's more, we have a SoC project for column level access controls.
... which presumably wouldn't involve any added dependency on outside code.
For people who are already using SELinux or Trusted Solaris, making the
database dependent on that infrast
Josh Berkus <[EMAIL PROTECTED]> writes:
> Column level? We don't currently support that, except through VIEWs.
> How is it implemented?
It wasn't clear to me how much of this is actually working today and how
much is a paper design --- one thing in particular that stood out as
probable handwaving
Josh Berkus wrote:
> KaiGai,
>
>> It provides database users fine grained mandatory access control
>> including row and column level one, and integration with operating
>> system security policy.
>
> Column level? We don't currently support that, except through VIEWs.
> How is it implemented?
>
KaiGai,
> It provides database users fine grained mandatory access control
> including row and column level one, and integration with operating
> system security policy.
Column level? We don't currently support that, except through VIEWs.
How is it implemented?
--Josh
-
As I announced alpha version of SE-PostgreSQL about one month ago,
I'm working for development of a security facility integrated with
secure operating system.
It provides database users fine grained mandatory access control
including row and column level one, and integration with operating
system
15 matches
Mail list logo