Tom Lane wrote:
> The problem, in words of one syllable, is that we are not sure we want
> it. Do you see a user community clamoring for SEPostgres, or a hacker
This is a chicken-and-egg type of problem.
Security-conscious users, applications, hackers, and customers will
flock towards whichever database product leads in that area.
If some hypothetical database has only minimal security features, I
imagine few security experts would spend a lot of time with the database.
> The second problem is that we're not sure it's really the right thing,
> because we have no one who is competent to review the design from a
> security standpoint. But unless we get past the first problem the
> second one is moot.
Are we underestimating Kaigai Kohei? I seem to see him credited on
the NSA's SELinux pages: http://www.nsa.gov/research/selinux/contrib.shtml
and it seems his patches there related to postgresql were pretty widely
discussed on the SELinux lists: http://www.nsa.gov/research/selinux/list-archive/0805/index.shtml#26163
