Re: [PATCH] SE-PgSQL/lite rev.2163

From Robert Haas
Subject Re: [PATCH] SE-PgSQL/lite rev.2163
Date
Msg-id 011DCE38-C149-45CF-91EB-E131C0A875BE@gmail.com
In response to Re: [PATCH] SE-PgSQL/lite rev.2163  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Responses Re: [PATCH] SE-PgSQL/lite rev.2163  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
List pgsql-hackers
On Jul 15, 2009, at 11:41 PM, KaiGai Kohei <kaigai@ak.jp.nec.com> wrote:

> Robert Haas wrote:
>> 2009/7/15 KaiGai Kohei <kaigai@ak.jp.nec.com>:
>>> Robert Haas wrote:
>>>> 2009/7/14 KaiGai Kohei <kaigai@ak.jp.nec.com>:
>>>>> On the other hand, db_schema class was designed as an analogy to
>>>>> directory in filesystems. SELinux defines several permissions on
>>>>> "dir" object class, such as "add_name", "remove_name" and "search".
>>>> I think that's a bad analogy and you need to make the permission names
>>>> match the way PostgreSQL handles schema permissions generally.
>>>> There's only so many times and ways to say this...
>>> OK...
>>> I can replace "search" by "usage".
>>>
>>> Do you have any alternative ideas for "add_name" and "remove_name"?
>>
>> Aack!  Come on!  Use whatever names those permissions already have!
>> If there are no corresponding names, then rip them out!!!
>
> OK, I'll rip definitions of unused SELinux's permissions from
> the permission table of SE-PgSQL.
>
> Is it correct for what you say?

So the point we keep repeating here is that SEPostgreSQL should be  
doing the same kinds of permissions checks as regular PostgreSQL using  
the same names, code paths, etc. I don't know how to say it any more  
clearly than that.

I will read through your latest version soon.

...Robert

