Home > mailing lists

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)
Date	December 11, 2008 20:06:09
Msg-id	200812112305.57279.peter_e@gmx.net Whole thread Raw
In response to	Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) (Gregory Stark <stark@enterprisedb.com>)
List	pgsql-hackers

Tree view

On Thursday 11 December 2008 21:44:39 Gregory Stark wrote:
> > Because we want to use SQL-based row access control and SELinux-based row
> > access control at the same time.  Isn't this exactly one of the
> > objections upthread?  Both must be available at the same time.
>
> Well I don't think anyone would actually want them *at the same time*.
> Combining multiple security models would mean you aren't actually following
> any security model.

That doesn't follow.  Using DAC and MAC together is quite standard.  Even if
your kernel is SELinux-enabled and has a policy, you'd still want to use
normal permission bits.  Same difference here.

pgsql-hackers by date:

From: Peter Eisentraut
Date: 11 December 2008, 20:03:37
Subject: Re: Updates of SE-PostgreSQL 8.4devel patches (r1268)

From: "Vladimir Sitnikov"
Date: 11 December 2008, 20:19:46
Subject: Re: benchmarking the query planner

Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) - Mailing list pgsql-hackers

Previous

Next