On Tue, 27 Jan 2009, Chad Sellers wrote:
> I'll speak to this a bit (Josh is also a Tresys employee). I can't say who
> my customers are, but I can speak to their needs. They really need row-level
> mandatory access controls (so both).
From the perspective of what this would buy as far as this feature being a
PostgreSQL advocacy point, one of the questions Tom asked about a bit
upthread is still a bit hazy here. There are commercial database
offerings selling into the "trusted" space already. While the use-cases
you describe make perfect sense, I don't think it's clear to everyone yet
if there's a unique draw to a PostgreSQL + selinux solution that the class
of customers you're talking about would prefer it to purchasing one of
those products. Is the cost savings the main driver here, or is there
something else about a secure LAPP stack that makes it particularly
compelling?
--
* Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD
