Re: Adding support for SE-Linux security - Mailing list pgsql-hackers

From Ron Mayer
Subject Re: Adding support for SE-Linux security
Date
Msg-id 4B171010.3070108@cheapcomplexdevices.com
Whole thread Raw
In response to Re: Adding support for SE-Linux security  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Responses Re: Adding support for SE-Linux security
List pgsql-hackers
KaiGai Kohei wrote:
> Needless to say, NEC is also a supporter to develop and maintain
> SE-PgSQL feature. We believe it is a necessity feature to construct
> secure platform for SaaS/Cloud computing, so my corporation has funded
> to develop SE-PgSQL for more than two years.

Rather than "needless to say", I think this is worth elaborating on.

Knowing how companies like NEC and their customers see SELinux and
SE-PgSQL help their database projects would probably be one of the
most compelling stories for getting broader support for the feature.

Before googling "nec software" after seeing you mention
this, I knew very little about NEC's software business.
I can read some about NEC's software/database business for
NEC North America's[1] and NEC Global Services[2] but imagine
globally there's even more to it than that.


Understanding how SE-PgSQL (and presumably SE-Linux) helps
build a better SaaS/Cloud computing platform would probably
help many people support this feature more.   The cloud computing
platforms I see more are ones that isolate a user's data either
at a higher application layer (like salesforce) or a lower
virtual machine layer (like amazon's elastic cloud).  Is a
vision of SE-PgSQL to help cloud computing companies sell
customers access to a single underlying postgres instance,
and share selected data between each other at a row level?
Just curious.


[1] http://www.necam.com/EntSw/
[2] http://www.necgs.com/partners.php



pgsql-hackers by date:

Previous
From: Andrew Dunstan
Date:
Subject: Re: Adding support for SE-Linux security
Next
From: Ron Mayer
Date:
Subject: Re: SE-PgSQL patch review