Re: Adding support for SE-Linux security - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: Adding support for SE-Linux security
Date
Msg-id 200912100343.nBA3hNV05382@momjian.us
In response to Re: Adding support for SE-Linux security  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Adding support for SE-Linux security  (Robert Haas <robertmhaas@gmail.com>)
List pgsql-hackers
Robert Haas wrote:
> On Wed, Dec 9, 2009 at 5:38 PM, Bruce Momjian <bruce@momjian.us> wrote:
> > If you want to avoid all good reasons for this feature and are looking
> > for reasons why this patch is a bad idea, I am sure you can find them.
> 
> You seem to be suggesting that our reactions are pure obstructionism,
> or that they have an ulterior motive.

I am merely stating that this is the same as the Win32 port, and that
there are many reasons to believe the SE-PostgreSQL patch will cause all
sorts of problems --- this is not a surprise.  I am giving a realistic
analysis of the patch --- if people want to say that thinking of it as
two separate patches that have to be maintained separately is a terrible
idea, I have no reply except to say that realistically that is the only
possible direction I see for this feature in the short term.  Few
Postgres people modifying the permissions system are going to understand
how to modify SE-Linux support routines to match their changes.

I got a similar reaction when I wanted to do the Win32 port, and the
reasons not to do it were similar to the ones I am hearing now.  Finally
the agreement was that I could attempt the Win32 port as long as I
didn't destabilize the rest of the code --- not exactly a resounding
endorsement.  Looking back I think everyone is glad we did the port, but
at the time there wasn't much support.  I got the same reaction to
pg_migrator.

I am having trouble figuring out when I should heed community concerns,
and when the concerns are merely because the task is
hard/messy/difficult.  Frankly, we don't analyze hard/messy/difficult
tasks very well.  Now, I am not saying that the SE-PostgreSQL patch
should be pursued, but I am saying that we shouldn't avoid it for these
reasons, because sometimes hard/messy/difficult is necessary to
accomplish dramatic software advances.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +

