> * Alvaro Herrera (alvherre@2ndquadrant.com) wrote:
> > Kohei KaiGai wrote:
> > > Unfortunately, I could not get consensus of design on selinux policy side.
> > > Even though my opinion is to add individual security class for materialized
> > > view to implement refresh permission, other people has different opinion.
> > > So, I don't want it shall be a blocker of v9.3 to avoid waste of time.
> > > Also, I'll remind selinux community on this issue again, and tries to handle
> > > in another way from what I proposed before.
> >
> > Did we get this fixed?
>
> I don't think so, but it's something I'm interested in and have an
> envrionment where I can work on it.
>
> Will look into it and try to provide an update soon.
>
> Any further thoughts or suggestions would be appreciated.
>
Ah, yes, the issue has been kept unhandled.
May I remind selinux folks again, to add "db_materialized_view" class?
Or, Stephan, do you have idea to apply equivalent checks on refresh
operation?
Thanks,
--
NEC OSS Promotion Center / PG-Strom Project
KaiGai Kohei <kaigai@ak.jp.nec.com>
