David,

> 2. Apart from Kohei-san and Stephen Frost, is anybody actually
> interested in having this feature at all?

I'm interested in a version of the feature. That is, I'm specifically
interested in an SEPostgres which delivers:
a) SELinux-label control (pluggable with TrustedSolaris and other
frameworks) of the existing PostgreSQL privileges.
b) Efficient constraint-based row-level security (as opposed to
individual row labelling)[1]

I also believe that an SEPostgres which delivered row masking and data
substitution would be of interest to a significant number of new users,
but that these features are complex and unintuitive enough that they
should always be an optional module.

Secondarily, I believe that having integrated SEPostgres support would
bring us new users from the government security sector and the health
care sector who do not currently use PostgreSQL. Whether any of these
users would contribute substantially to maintaining it is an open
question; they certainly have funding, though, and the NSA has
contributed a substantial amount of resources to Linux, and the Japanese
Security Agency has contributed to PostgreSQL before.

[1] For an explanation of the two ways to do row-level security, see here:
http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-1-30732
http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-2-30757

--
Josh Berkus
PostgreSQL Experts Inc.
www.pgexperts.com