Re: Adding support for SE-Linux security - Mailing list pgsql-hackers

From KaiGai Kohei
Subject Re: Adding support for SE-Linux security
Date
Msg-id 4B1705E5.9060008@ak.jp.nec.com
Whole thread Raw
In response to Re: Adding support for SE-Linux security  (Josh Berkus <josh@agliodbs.com>)
List pgsql-hackers
Josh Berkus wrote:
> Bruce,
> 
>> If we decide not to support SE-Linux, it is unlikely we will be adding
>> support for any other external security systems because SE-Linux has the
>> widest adoption.
>>
>> I think the big question is whether we are ready to extend Postgres to
>> support additional security infrastructures.
> 
> PostgreSQL is the most security-conscious of the OSS databases, and is
> widely used by certain groups (security software, military, credit card
> processing) precisely because of this reputation.  These folks, while
> unlikely to speak up on -hackers, are interested in new/further security
> features; when I was at the Pentagon 2 years ago several people there
> from HS were quite interested in SE-Postgres specifically.  Further,
> I've been mentioning SE-Postgres in my "DB security talk" for the last
> 18 months and I *always* get a question about it.
> 
> So while there might not be vocal proponents for innovative/hard-core
> security frameworks on this list currently, I think it will gain us some
> new users.  Maybe more than we expect.

Good, I also have gotten many voices, questions and requirements from
the viewpoints of enterprise users who make plans to launch their SaaS
system typically.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>


pgsql-hackers by date:

Previous
From: Alvaro Herrera
Date:
Subject: Re: [PATCH] Windows x64
Next
From: KaiGai Kohei
Date:
Subject: Re: Adding support for SE-Linux security