Home > mailing lists

Re: [PATCH] Add <> support to sepgsql_restorecon - Mailing list pgsql-hackers

From	Ted X Toth
Subject	Re: [PATCH] Add <> support to sepgsql_restorecon
Date	January 17, 2023 17:59:02
Msg-id	167396754287.1137.10261043173596032365.pgcf@coridan.postgresql.org Whole thread Raw
In response to	Re: [PATCH] Add <> support to sepgsql_restorecon (Joe Conway <mail@joeconway.com>)
Responses	Re: [PATCH] Add <> support to sepgsql_restorecon Re: [PATCH] Add <> support to sepgsql_restorecon
List	pgsql-hackers

Tree view

The intent of this patch is not to stop all relabeling only to stop sepgsql_restorecon from doing a bulk relabel. I
believesepgsql_object_relabel is called by the 'SECURITY LABEL'  statement which I'm using to set the label of db
objectsto a specific context which I would not want altered later by a restorecon. This is particularly important in a
MLS(multi-level security) environment where for example if a row were labeled at the 'secret' level I would not
restoreconto relabel it possibly causing a downgrade. 

The new status of this patch is: Ready for Committer

pgsql-hackers by date:

From: Tomas Vondra
Date: 17 January 2023, 17:52:07
Subject: Re: Sampling-based timing for EXPLAIN ANALYZE

From: Tom Lane
Date: 17 January 2023, 18:18:46
Subject: Re: Extracting cross-version-upgrade knowledge from buildfarm client

Re: [PATCH] Add <> support to sepgsql_restorecon - Mailing list pgsql-hackers

Previous

Next