Re: Updates of SE-PostgreSQL 8.4devel patches (r1197)
От | Simon Riggs |
---|---|
Тема | Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) |
Дата | |
Msg-id | 1226143241.27904.246.camel@ebony.2ndQuadrant обсуждение исходный текст |
Ответ на | Re: Updates of SE-PostgreSQL 8.4devel patches (r1197) (KaiGai Kohei <kaigai@kaigai.gr.jp>) |
Ответы |
Re: Updates of SE-PostgreSQL 8.4devel patches (r1197)
|
Список | pgsql-hackers |
On Sat, 2008-11-08 at 18:58 +0900, KaiGai Kohei wrote: > This document gives us some of hints to be considered when we > apply mandatory access control facilities on database systems. > > However, it is not a specification of SE-PostgreSQL. > The series of documents assumes traditional multi-level-security > system, so it does not care about flexible policy, type-enforcement > rules and collaborating with operating system. I'm sorry, but I don't understand your answer. The wiki seemed to indicate, to me, that the FK situation was a problem, so I was trying to provide a solution. Personally, I could live with it either way. But the important thing is: will this aspect prevent SEPostgreSQL from achieving Common Criteria certification, or not? If it will pass, then I'm happy, even if a different, better solution exists. If it will fail, then we must act. I'm not qualified to say what will happen, but it would be good to see a very clear answer on this. If it was already resolved, then please accept my apologies for raising the issue again. Please could you update the Wiki docs to explain the agreed resolution, its reasons and references? The design choices we make will be questioned again in the future, so it will be good to have them clear. Thanks. -- Simon Riggs www.2ndQuadrant.comPostgreSQL Training, Services and Support
В списке pgsql-hackers по дате отправления: