<div class="gmail_quote">On Wed, Jan 28, 2009 at 4:28 AM, Peter Eisentraut <span dir="ltr"><<a
href="mailto:peter_e@gmx.net">peter_e@gmx.net</a>></span> wrote:<br /><blockquote class="gmail_quote"
style="border-left:1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div
class="Ih2E3d">Greg Smith wrote:<br /><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204);
margin:0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> PostgreSQL advocacy point, one of the questions Tom asked about a bit
upthread is still a bit hazy here.  There are commercial database offerings selling into the "trusted" space already.
While the use-cases you describe make perfect sense, I don't think it's clear to everyone yet if there's a unique draw
to a PostgreSQL + selinux solution that the class of customers you're talking about would prefer it to purchasing one of
those products.  Is the cost savings the main driver here, or is there something else about a secure LAPP stack that
makes it particularly compelling?<br /></blockquote><br /></div> According to the data available to me, it is a
combination of doing it better than the other guys (e.g., a SELinux type interface instead of something handcrafted) and
the usual cost savings.<br /></blockquote></div><br />I don't know about better, but I would definitely say that it's a
more integrated (with the OS) solution.  Can you get Oracle to use SELinux policies?  Sure.  But it would take a
combination of Label Security, Fine Grained Access Control tweaks, custom C functions, and custom policies to handle the
access control.  And, it would cost a helluva lot of money.<br /><br />In short, this would make Postgres quite a bit
more appetizing to those who need this functionality, those who prefer SELinux-based policies, and those who don't have
the time/money to do it in systems like Oracle.  How many people is that?  Based on my consulting experience and
questions from DoD/DoE people specifically, I think the number of people needing this feature is fairly small right
now.  But, it wouldn't hurt us to have it.<br clear="all" /><br />Just to make it clear, this feature wouldn't make
Postgres a "trusted" database in any certification sense.  So, using that term would likely cause confusion and get
people who used it thinking it had an EAL certification into trouble.<br /><br />-- <br />Jonah H. Harris, Senior DBA<br
/>myYearbook.com<br/><br />