Kevin Grittner escribió:
> > I'd like to see us be able to support it. One of the things that
> > I think would be worth looking into is whether there is a way to
> > make this pluggable, so that selinux and apparmor and trusted
> > solaris and so on could make use of the same framework
>
> Given the extreme patience and diligence exhibited by KaiGai, I
> hesitate to say this, but it seems to me that this would be
> critically important for the long term success of this feature. I
> have no idea how much work it would be to make the interface to the
> external security system pluggable, but if it's at all feasible, I
> think it should be done.
This is how the code was developed initially -- the patch was called
PGACE and SELinux was but the first implementation on top of it.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
