Postgres Pro
Downloads
Home   >   mailing lists

Re: SE-PostgreSQL/Lite Review - Mailing list pgsql-hackers

From Joshua Brindle
Subject Re: SE-PostgreSQL/Lite Review
Date
Msg-id 4B227445.5030609@manicmethod.com
Whole thread Raw
In response to Re: SE-PostgreSQL/Lite Review  (Joshua Brindle <method@manicmethod.com>)
List pgsql-hackers
Tree view 
Joshua Brindle wrote:
> Greg Smith wrote:
>> It's funny; we started out this CommitFest with me scrambling to find
>> someone, anyone, willing to review the latest SE-PostgreSQL patch,
>> knowing it was a big job and few were likely to volunteer. Then
>> schedules lined up just right, and last night I managed to get a great
>> group of people all together to do perhaps the biggest single patch
>> review ever, to work on just that. I gathered up a list of the biggest
>> concerns about this feature and its associated implementation, we got a
>> number of regular PostgreSQL hackers and two of the security guys you've
>> seen on this list all in the same room, and we talked about little but
>> SEPostgreSQL for hours. Minutes are at
>> http://wiki.postgresql.org/wiki/SEPostgreSQL_Review_at_the_BWPUG and I'd
>> suggest anyone interested in this feature (or in rejecting this feature)
>> to take a look at what we covered.
>>
>
> I just wanted to add some talking notes here.
>
> User base for the feature:
>
> While my goals for this feature line up with military/government users
> this is in no way the extent of the potential user base. The fact is
> most people won't know they want this feature until it is available. Why
> is that? Well, how many of you have written webapps and implemented
> policy logic in your application rather than the database level? Why do
> people currently feel the need to do this? Is it even possible to
> implement some complex policies (eg., PCI compliance) at the database
> level? If PostgreSQL version whatever suddenly had the ability to
> implement the policy logic in the database, would you move it there? I
> know I would..
>
> Audit:
>
> In past conversations it sounded like some of the Postgres community was
> skeptical even about the design of the security model. For an even
> earlier look (September 2006) of KaiGai and the SELinux community
> talking about the object model and even high level design of the
> solution see <http://marc.info/?l=selinux&m=115762285013528&w=2>
>

I highly suggest a quick read of the above thread, it shows how we 
established an object model in fairly short order. The conversation also 
continues here: <http://marc.info/?l=selinux&m=115786457722767&w=2>

and also here:
<http://marc.info/?l=selinux&m=117160445604805&w=2>
<http://marc.info/?l=selinux&m=117160445611588&w=2>
<http://marc.info/?l=selinux&m=117160445608517&w=2>

pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: Adding support for SE-Linux security
Next
From: Stephen Frost
Date:
Subject: Re: SE-PostgreSQL/Lite Review