Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep)

Поиск
Список
Период
Сортировка
От KaiGai Kohei
Тема Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep)
Дата
Msg-id 48D31747.3030304@ak.jp.nec.com
обсуждение исходный текст
Ответ на Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep)  (KaiGai Kohei <kaigai@ak.jp.nec.com>)
Ответы Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep)
Re: Proposal of SE-PostgreSQL patches (for CommitFest:Sep)
Список pgsql-hackers
Дерево обсуждения 
At the CommitFest:Sep, I got several comments about SE-PostgreSQL from Peter.
(Thanks for your comments.)
He asked me several questions about its concept, then I replied for them.
However, it seems to me there is a difference in our opinions.

In my opinion, it is quite natural that different security mechanisms can
have differences in its decision making, its gulanuality and its scope.
But he concerned that SE-PostgreSQL provides fine-grained access control
feature, though the native PostgreSQL does not provide it yet.
> *) Row-level security, column-level security and so on should in my mind> first exist as a native SQL-level feature.
Itwould be hard to explain> that PostgreSQL does not have column-level GRANT privileges but that you> can achieve the
sameif you go through SELinux.
 

I don't know his current opinion.
But I think it is not worthful to stop making a progress due to
differences in opinions. So, I think there are the following three
options to solve the issue.


[1] Make a consensus that different security mechanisms have differences    in its decision making, its gulanuality and
itsscope
 

I think it is the most straightforward answer.
As operating system doing, DAC and MAC based access controls should be
independently applied on accesses from users, and this model is widely
accepted.
These facilities can also have different results, gulanualities and scopes.


[2] Make a new implementation of OS-independent fine grained access control

If it is really really necessary, I may try to implement a new separated
fine-grained access control mechanism due to the CommitFest:Nov.
However, we don't have enough days to develop one more new feature from
the scratch by the deadline.


[3] Restrict functionalities of SE-PostgreSQL

It is the most laughable idea.
If SE-PostgreSQL lose its fine-grained access control feature, both of
access control features have same gulanualities at least.
But it makes unmotivate me so much. I believe no one agree this option.


I want any comments on this topic.
Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: Common Table Expressions (WITH RECURSIVE) patch
Следующее
От: "Jeffrey Baker"
Дата:
Сообщение: 8.3.1 autovacuum stopped doing anything months ago