Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) - Mailing list pgsql-hackers

From Simon Riggs
Subject Re: Updates of SE-PostgreSQL 8.4devel patches (r1197)
Date
Msg-id 1226500926.27904.354.camel@ebony.2ndQuadrant
Whole thread Raw
In response to Re: Updates of SE-PostgreSQL 8.4devel patches (r1197)  (Bruce Momjian <bruce@momjian.us>)
Responses Re: Updates of SE-PostgreSQL 8.4devel patches (r1197)
List pgsql-hackers
On Fri, 2008-11-07 at 16:52 -0500, Bruce Momjian wrote:

> Simon, would you read the chapter on "covert channels"?  You might
> understand it better than I do and it might give you some ideas:
> 
>        http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.33.5950

OK, read that now.

Looks to me the covert channel debate will remain open whichever we do.

I agree with you that careful design avoids the problem, for the most
part. Even without that, it appears we have enough to achieve
certification.

The only remaining problem for me now is the size of the security
context column added to each row. I can accept a fixed length 4 byte
value, but anything longer just seems that it will render this unusable.
Normal apps should be able to benefit from row level security, as well
as high-security apps. The additional row overhead is enough to prevent
that, as well as put off many very large high security apps - which is
catastrophic because many of them are very large these days.

-- Simon Riggs           www.2ndQuadrant.comPostgreSQL Training, Services and Support



pgsql-hackers by date:

Previous
From: Simon Riggs
Date:
Subject: Re: Reducing some DDL Locks to ShareLock
Next
From: Alvaro Herrera
Date:
Subject: Re: Block-level CRC checks