Home > mailing lists

Re: How to get SE-PostgreSQL acceptable - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: How to get SE-PostgreSQL acceptable
Date	February 2, 2009 23:55:36
Msg-id	603c8f070902021655i5a92aaa8l6f5a8907beeec757@mail.gmail.com Whole thread Raw
In response to	Re: How to get SE-PostgreSQL acceptable (KaiGai Kohei <kaigai@ak.jp.nec.com>)
List	pgsql-hackers

Tree view

>> Why an OID?  We store acl items now without a lookup table;  I think
>> there will be at most the same number of SE-Linux entries.  Also, by
>> using text we avoid the problem of cleaning out unreferenced pg_security
>> rows, improve performance (no lookups), and simplify the code.
>
> In addition, it also has performance gain.
> The current architecture does not need to look up pg_security in most
> cases. SE-PostgreSQL caches results of access controls in userspace

I think this is a very compelling point.

...Robert

pgsql-hackers by date:

From: Bruce Momjian
Date: 02 February 2009, 23:47:55
Subject: Re: How to get SE-PostgreSQL acceptable

From: "Kevin Grittner"
Date: 03 February 2009, 00:10:44
Subject: Re: add_path optimization

Re: How to get SE-PostgreSQL acceptable - Mailing list pgsql-hackers

Previous

Next