Thread: SEPostgres - on track for 8.4?
Howdy Folks, I notice that several SELinux patches have been submitted in the CommitFest targeting Nov 1 for 8.4. Is this on track for implementation in Postgres core by 8.4? Thanks, -Josh -- ----- http://www.globalherald.net/jb01 GlobalHerald.NET, the Smarter Social Network! (tm)
Joshua Kramer wrote: > > Howdy Folks, > > I notice that several SELinux patches have been submitted in the > CommitFest targeting Nov 1 for 8.4. Is this on track for implementation > in Postgres core by 8.4? Still under discussion. The idea is to get it merged for 8.4, *but* there's three critical areas that need help: 1) making row-based permissions which is exposed to the SQL command line and works even without SELinux. 2) coming up with some acceptable algorithm in which FKs can work with row-based-permissions which can be improved in the future without breaking backwards compatibility. 3) detailed checking of the current implementation of SEPostgres against the Common Criteria requirements by someone who speaks "security tech". So, anyone who wants this patch, **we need your help** in making it happen. Also, as you can see, PostgreSQL is not about "good enough" but about "as good as we can reasonably do". I think generally that since we're releasing once a year, every year, holding off on a patch for one version to make it "near perfect" is probably a good strategy ... as much as it pains me to wait. Current status of SEPostgres patch: hopeful, but not assured. --Josh Berkus
On Wednesday 22 October 2008 12:14:12 Josh Berkus wrote:
> Joshua Kramer wrote:
> > Howdy Folks,
> >
> > I notice that several SELinux patches have been submitted in the
> > CommitFest targeting Nov 1 for 8.4. Is this on track for implementation
> > in Postgres core by 8.4?
>
> Still under discussion. The idea is to get it merged for 8.4, *but*
> there's three critical areas that need help:
>
> 1) making row-based permissions which is exposed to the SQL command line
> and works even without SELinux.
>
> 2) coming up with some acceptable algorithm in which FKs can work with
> row-based-permissions which can be improved in the future without
> breaking backwards compatibility.
>
> 3) detailed checking of the current implementation of SEPostgres against
> the Common Criteria requirements by someone who speaks "security tech".
>
> So, anyone who wants this patch, **we need your help** in making it happen.
>
> Also, as you can see, PostgreSQL is not about "good enough" but about
> "as good as we can reasonably do". I think generally that since we're
> releasing once a year, every year, holding off on a patch for one
> version to make it "near perfect" is probably a good strategy ... as
> much as it pains me to wait.
>
> Current status of SEPostgres patch: hopeful, but not assured.
>
Someone mentioned to me that IBM and Oracle have several patents in this area,
is anyone looking into that angle?
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL
On Wed, Oct 22, 2008 at 08:32:19PM -0400, Robert Treat wrote: > Someone mentioned to me that IBM and Oracle have several patents in this area, > is anyone looking into that angle? Given the remarkable dearth of patent lawyers in this group, I think this is the wrong group of people to be doing patent searches. That doesn't mean one should do work that one knows infringes on a patent. But if you don't know about, and haven't been apprised of, a patent that you are infringing, it seems a bad idea to go looking for patents on which to infringe knowingly. Especially in light of the tendency of the USPTO to issue patents on completely obvious things. (Wearing another hat, I have been reminded of this once again today. Someone apparently got a patent on using the position of a GPS receiver, and using that datum to give out authorization to certain data. Like, it would never have _occurred_ to anyone to use the data from GPS for purposes other than, say, Trivial Pursuit. Yes, clearly an innovation that had to be defended from the ever-present freeloaders who just want to ride on the backs of genuine inventions like deducing things from a GPS receiver's position.) A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
Robert, > > Someone mentioned to me that IBM and Oracle have several patents in this area, > is anyone looking into that angle? > That would be an *extremely* bad idea. In patentland, ignorance is actually a defense. So, if anyone *does* know about patents in this area, please keep that knowledge to yourself. --Josh
On Thu, Oct 23, 2008 at 10:17:43AM -0700, Josh Berkus wrote: > So, if anyone *does* know about patents in this area, please keep that > knowledge to yourself. Unless, of course, you're committing, writing, or reviewing the code, at which point you're actually infringing. Then you have to say something. But it'd be a very bad idea to go trolling through patent databases in any effort to "educate" oneself. We don't encourage lawyers to submit patches to PostgreSQL because they're not coders, and don't have the relevant experience. We should avoid the temptation to do likewise, _mutatis mutandis_. Even if you are among the people who think that we should follow the Shakespearean advice and kill all the lawyers, the fact is that law is a technical specialty that requires years of training and experience to do well, particularly in very tricky areas like patent law. If the project needs it at some point in future, there is legal advice available through the PostgreSQL fund at SPI. Until that unhappy day, I encourage the avoidance of speculation on any patent matters related to Postgres. A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
On Thursday 23 October 2008 13:17:43 Josh Berkus wrote:
> Robert,
>
> > Someone mentioned to me that IBM and Oracle have several patents in this
> > area, is anyone looking into that angle?
>
> That would be an *extremely* bad idea. In patentland, ignorance is
> actually a defense.
>
> So, if anyone *does* know about patents in this area, please keep that
> knowledge to yourself.
>
I doubt it would be much of a defense given what you just posted...
personally if someone does know that there is a patent, i'd rather we heard
about it before we put the code in than after.
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL
Robert, > personally if someone does know that there is a patent, i'd rather we heard > about it before we put the code in than after. 90% of granted patents are invalid. And *nobody* on our mailing lists is capable of judging validity *or* infringement. So you, Robert, are basically encouraging people to troll our lists with spurious patent issues. Please stop it, right now. -- Josh Berkus PostgreSQL San Francisco
On Thursday 23 October 2008 16:03:09 Josh Berkus wrote:
> Robert,
>
> > personally if someone does know that there is a patent, i'd rather we
> > heard about it before we put the code in than after.
>
> 90% of granted patents are invalid. And *nobody* on our mailing lists is
> capable of judging validity *or* infringement.
>
100% of "granted" patents are valid until proven otherwise.
> So you, Robert, are basically encouraging people to troll our lists with
> spurious patent issues. Please stop it, right now.
>
I think that is probably better than encouraging people to add knowlingly
infringing code into our source tree, which is what you, Josh, are basically
doing.
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL
On Thu, 23 Oct 2008 13:03:09 -0700 Josh Berkus <josh@agliodbs.com> wrote: > Robert, > So you, Robert, are basically encouraging people to troll our lists > with spurious patent issues. Please stop it, right now. > Easy Josh, you and I both know that isn't Robert's is doing no such thing. I think what Robert is trying to do is remind people of is the relatively recent patent issue this project did have with some of Jan's code. At least that is the first thing I thought of. If there is a patent we "know" about then we need to be mindful of it. I would agree that nobody should be an armchair lawyer. Sincerely, Joshua D. Drake -- The PostgreSQL Company since 1997: http://www.commandprompt.com/ PostgreSQL Community Conference: http://www.postgresqlconference.org/ United States PostgreSQL Association: http://www.postgresql.us/
On Thu, Oct 23, 2008 at 08:08:03PM -0700, Joshua Drake wrote: > such thing. I think what Robert is trying to do is remind people of is > the relatively recent patent issue this project did have with some of > Jan's code. Um, we _didn't_ have a patent issue with any of Jan's code: 1. The "problem" came from someone "helpfully" trolling through the patent database. 2. The "problem" was in respect of a patent that had not even been awarded. 3. The code in the end wasn't suitable anyway, and was removed as a result. Can we please stop playing junior super decoder ring lawyer, and do the things we're good at instead? "Patents in this area" is hardly a basis for search. We don't have an actual implementation proposal, and we have no basis for any comparison with granted (or even pending) patents. The discussion so far has barely even referred to the published literature, which is the complaint I've been making all along. If the problem is that there could be some patent lurking about which we know nothing and the expertise for which we do not have to uncover, I think we should stop throwing rocks at that sleeping dog and let it lie. If someone reviewing, writing, or checking in code knows of something, then do speak up. But otherwise, let's stop with the patent scares. A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
On Thu, 23 Oct 2008 23:29:35 -0400 Andrew Sullivan <ajs@commandprompt.com> wrote: > > Um, we _didn't_ have a patent issue with any of Jan's code: > According to what you write below, we certainly did have a problem. > 1. The "problem" came from someone "helpfully" trolling through the > patent database. > O.k. > 2. The "problem" was in respect of a patent that had not even been > awarded. But could have or might have. > > 3. The code in the end wasn't suitable anyway, and was removed as a > result. > As I recall it was removed precisely because of the potential patent issue and the new algorithm by chance happen to turn out better than the original implementation. However, it doesn't really matter does it? > Can we please stop playing junior super decoder ring lawyer, and do > the things we're good at instead? I don't believe anyone is doing that, at least I am not. Regardless, my only point was Robert wasn't trolling. If there is a serious concern we can certainly pass it to legal, it isn't like we don't have the resources to do so. Joshua D. Drake -- The PostgreSQL Company since 1997: http://www.commandprompt.com/ PostgreSQL Community Conference: http://www.postgresqlconference.org/ United States PostgreSQL Association: http://www.postgresql.us/
On Thu, Oct 23, 2008 at 09:14:55PM -0700, Joshua Drake wrote: > Regardless, my only point was Robert wasn't trolling. If there is a > serious concern we can certainly pass it to legal, it isn't like we > don't have the resources to do so. It certainly is like we don't have the resources to go through the PostgreSQL code, and all patches that are submitted for major features, and check them against all the patent databases. You are talking about a legal bill that could easily get into the hundreds of thousands, if not millions, of dollars. This entire discussion is mad, because it's based on an idle remark someone made about "several patents" in "this area". The way to deal with patent problems, for free software projects, is to ignore the issue unless you have specific knowledge of a specific infringement. Simply not knowing is a defence: all the patent holder is entitled to when it first contacts you is the removal of the infringement (in other words, the code would have to be removed). Infringement is a matter of law, so if one has specific knowledge of implemented functionality that one suspects _might_ infringe, at that point it would probably be prudent to ask for a legal opinion. If you happen to be committing, writing, or commenting on code that you know has a patent on it (e.g. if you are employed by a company that holds the patent, or have been party to previous dealings with substantially similar functionality that was subject to a patent, or such like), _then_ you should say, "I believe this code infringes patent N, and we shouldn't commit it." But so far, nobody has said one word about any specific feature or any specific patent. What Robert was asking was whether anyone is investigating the vague suggestions futher. The answer is, I hope, "Absolutely not." Looking through the Postgres code for things that might infringe any of the millions of patents that have been granted in all of the jurisdictions of the world is a good way to fund the careers of patent firms, but it's not a good way to help the development of PostgreSQL. Suggesting that people should start looking for such problems was in fact what Robert was saying, and I agree with Josh Berkus that it's a very bad idea to do so. Note that the case of patents is quite different from copyright or trademark violation. (That's not what we're talking about here, but I want to fend off any wandering into the weeds of general discussion about "intellectual property".) The specific case of patents leaves projects made up of ill-funded volunteers such as this one no choice but to remain as ignorant as possible of the state of the patents pending and granted in the project's areas of development. By doing this, in the worst case you remain ignorant, and later get a cease and desist letter. If you start looking for things, you implicitly endorse the view that you have a responsibility to look for infringements in your code. At that point, any bozo can come along and claim you are infringing by virtue of some feature that's been there for years, and that you were negligent in not looking for the infringement in the way that you looked in this other case, where you trolled through the patent databases on the basis of some vague assertion. (Note that we've already seen previous vague assertions about how there could be all manner of possible infringements in the existing code, but nobody's ever checked.) At this point, the bozo will seek damages, and will have an argument -- a weak one, but one that he can probably afford to litigate better than we can. This is an excellent opportunity for someone to end the project through a legal DoS. And don't forget that once one starts finding things, they might turn out to be things that we think are important enough that we need to fight the patent claim. This means lots of work trying to invalidate a patent. Many of these patents are trivial to prove to be derivative, obvious, or not real inventions (because there is ample prior art in the literature). That's not the problem. The problem is that litigating patents is _expensive_ -- it costs much more for a single case than is in the fund at SPI today. So unless we were to find a significant new source of funds or get the services of a good patent firm _pro bono_, I think we'd lose. Even if we do get those funds or patent firms, we could lose: think of the companies that have fallen apart because of the costs of the patent system. And all that time we spend on this distracting fight (that we caused ourselves by looking for things we didn't need to know about) will be distracting us from focussing on the main goal, which is improving PostgreSQL. In conclusion, then, I believe very strongly that participants in this project should avoid borrowing trouble by grovelling through patent databases "to see if anything is relevant". I think that participants in this project should not make vague claims about possible patents that might be relevant. If, on the other hand, they have knowledge of specific patents that might be relevant to specific features, then depending on their familiarity with the patent, they should either ask the funds group to obtain a legal opinion; obtain an opinion themselves, either from their company counsel or at their own expense; or they should state their own familiarity with the patent in question, and state why they believe the offending code infringes. If anyone has such specific issues at present, they haven't said anything as far as I know. Therefore, we should not discuss the matter further. Best regards, A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
> pending and granted in the project's areas of development. By doing > this, in the worst case you remain ignorant, and later get a cease and > desist letter. If you start looking for things, you implicitly Has anybody thought about how you'd handle a C&D in terms of communicating to users? If somebody at Bob's House of IP Enforcers sends someone on the PG team a C&D that says Feature XYZ violates their patent, and it is found to be true by the PG team - then what? If we imagine just a little further and say that there are various commercial and open source projects, in which the availabilty of Feature XYZ is ingrained into the system - they can't function without it - then what? If PGDG communicated the C&D, then commercial interests could point to the problem and say "that's why you don't use Open Source!" Those who have knowledge of how things actually are would know that it would be an indictment of the patent system itself, but the situation would be one more tool in the bag of tricks of those who want to discourage the use of Open Source in general and PG in particular. I know, preaching to the choir - but is the philosophical issue something we need to hash out and plan for? Thoughts? Cheers, -Josh Kramer ----- http://www.globalherald.net/jb01 GlobalHerald.NET, the Smarter Social Network! (tm)
On Fri, Oct 24, 2008 at 11:14:12AM -0400, Joshua Kramer wrote: > Has anybody thought about how you'd handle a C&D in terms of communicating > to users? If somebody at Bob's House of IP Enforcers sends someone on the > PG team a C&D that says Feature XYZ violates their patent, and it is found > to be true by the PG team - then what? I think such cases have to be dealt with case by case, for exactly the reasons that the rest of your message discusses. And the cost of doing this case by case, and the way that would (fail to) scale, is exactly the reason I think it's a bad idea to go looking for the trouble. A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
On Friday 24 October 2008 09:28:28 Andrew Sullivan wrote:
> Suggesting that people should start
> looking for such problems was in fact what Robert was saying, and I
> agree with Josh Berkus that it's a very bad idea to do so.
>
I did no such thing. I simply asked if anyone was looking into it. There is no
suggestion for anyone to go and do it if not, I just wanted to know if anyone
was currently doing it... maybe I wanted to tell them to stop.
Further I also said, in far fewer words that what you just dumped out, that if
someone does know about a patent the applies to postgresql code, that it is
best to bring it forward, rather than cover it up. I dont think you disagree
with that. And again, no suggestion to go looking for trouble.
Now, I would say that, IMHO, as the probability approaches 100% that you are
violating a patent, you might want to start to care somewhere before you
actually get to 100%, but I'm not going to speculate on where that line is
exactly. And I suppose it is possible that I mentioned the whole thing
because of the specific feature involved, my knowledge of other databases
systems, and the information that was told to me which I might not have
wanted to go into detail about on a public list...
But if you really think it is more likely that I am trying to get everyone to
start reading through patent databases in there spare time, at this point, I
guess I am comfortable letting you live with that assumption...
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL
I know if I had any brains I'd stay out of this but I'm going against my gut. I think the point that's being made is that emails have a life beyond just the immediate read. Ask the tobacco industry about things they put in writing 40 years ago. If this is a conversation that you want to have, do so in a less permanent fashion so 10 years from now it's not used in a court case that otherwise would have no merit. Robert Treat wrote: > On Friday 24 October 2008 09:28:28 Andrew Sullivan wrote: > >> Suggesting that people should start >> looking for such problems was in fact what Robert was saying, and I >> agree with Josh Berkus that it's a very bad idea to do so. >> >> > > I did no such thing. I simply asked if anyone was looking into it. There is no > suggestion for anyone to go and do it if not, I just wanted to know if anyone > was currently doing it... maybe I wanted to tell them to stop. > > Further I also said, in far fewer words that what you just dumped out, that if > someone does know about a patent the applies to postgresql code, that it is > best to bring it forward, rather than cover it up. I dont think you disagree > with that. And again, no suggestion to go looking for trouble. > > Now, I would say that, IMHO, as the probability approaches 100% that you are > violating a patent, you might want to start to care somewhere before you > actually get to 100%, but I'm not going to speculate on where that line is > exactly. And I suppose it is possible that I mentioned the whole thing > because of the specific feature involved, my knowledge of other databases > systems, and the information that was told to me which I might not have > wanted to go into detail about on a public list... > > But if you really think it is more likely that I am trying to get everyone to > start reading through patent databases in there spare time, at this point, I > guess I am comfortable letting you live with that assumption... > >
On Fri, Oct 24, 2008 at 11:35:13AM -0400, Robert Treat wrote: > > I did no such thing. I simply asked if anyone was looking into > it. There is no suggestion for anyone to go and do it if not, I just > wanted to know if anyone was currently doing it... maybe I wanted to > tell them to stop. Ok, glad to have that cleared up. In the original context, this is what I saw: ---snip--- > > Current status of SEPostgres patch: hopeful, but not assured. > Someone mentioned to me that IBM and Oracle have several patents in this area, is anyone looking into that angle? ---snip--- In my ideolect, responding to "status of patch" with "there's this other issue, is anyone looking into it?" connotes (but does not, of course, denote) that the speaker thinks someone _should_ look into it. I appreciate that perhaps in your ideolect that connotation is not present, and my apologies for misunderstanding you. Best, A -- Andrew Sullivan ajs@commandprompt.com +1 503 667 4564 x104 http://www.commandprompt.com/
>>> patent...troll... Shouldn't the project get a legal opinion on how to handle patent issues on the lists? If this project does have access to limited legal resources IMHO it'd be a worthwhile use of those resources to get an educated opinion of when, if, and how patent issues should be raised on both the public (general, hackers) and more private (core) lists.
Ron, > Shouldn't the project get a legal opinion on how to handle patent > issues on the lists? You're right, we should publish this somewhere. If you believe that you have knowledge of a specific, genuine infringement, then you should send the information you have to pgsql-core (and not to a public mailing list). Core will then seek legal help if it looks like the risk is serious. Any idea where we could put that policy up that people would see it? -- Josh Berkus PostgreSQL San Francisco
On Sat, 25 Oct 2008 20:49:16 -0700 Josh Berkus <josh@agliodbs.com> wrote: > Ron, > > > Shouldn't the project get a legal opinion on how to handle patent > > issues on the lists? > > You're right, we should publish this somewhere. If you believe that > you have knowledge of a specific, genuine infringement, then you > should send the information you have to pgsql-core (and not to a > public mailing list). Core will then seek legal help if it looks > like the risk is serious. > > Any idea where we could put that policy up that people would see it? > We can put it on the wiki and lock the page. -- The PostgreSQL Company since 1997: http://www.commandprompt.com/ PostgreSQL Community Conference: http://www.postgresqlconference.org/ United States PostgreSQL Association: http://www.postgresql.us/
On Sat, Oct 25, 2008 at 10:28:43PM -0700, Joshua Drake wrote: > On Sat, 25 Oct 2008 20:49:16 -0700 > Josh Berkus <josh@agliodbs.com> wrote: > > > Ron, > > > > > Shouldn't the project get a legal opinion on how to handle patent > > > issues on the lists? > > > > You're right, we should publish this somewhere. If you believe that > > you have knowledge of a specific, genuine infringement, then you > > should send the information you have to pgsql-core (and not to a > > public mailing list). Core will then seek legal help if it looks > > like the risk is serious. > > > > Any idea where we could put that policy up that people would see it? > > > > We can put it on the wiki and lock the page. Developer FAQ? //Magnus
On Oct 25, 2008, at 8:49 PM, Josh Berkus wrote: > Ron, > >> Shouldn't the project get a legal opinion on how to handle patent >> issues on the lists? > > You're right, we should publish this somewhere. If you believe that > you have > knowledge of a specific, genuine infringement, then you should send > the > information you have to pgsql-core (and not to a public mailing > list). Core > will then seek legal help if it looks like the risk is serious. > > Any idea where we could put that policy up that people would see it? "Don't kill -9 the postmaster or send patents to the mailing list!" Cheers, Steve