Re: Adding support for SE-Linux security

From: Bruce Momjian
Subject: Re: Adding support for SE-Linux security
Msg-id: 200912071448.nB7Emxm20794@momjian.us
In reply to: Re: Adding support for SE-Linux security  (Robert Haas <robertmhaas@gmail.com>)
Responses: Re: Adding support for SE-Linux security  (Robert Haas <robertmhaas@gmail.com>)
List: pgsql-hackers

Robert Haas wrote:
> > This is no harder than many of the other seemingly crazy things I have
> > done, e.g. Win32 port, client library threading.  If this is a feature
> > we should have, I will get it done or get others to help me complete the
> > task.
> 
> Well, I have always thought that it would be sort of a feather in our
> cap to support this, which is why I've done a couple of reviews of it
> in the past.  I tend to agree with Tom that only a small fraction of
> our users will probably want it, but then again someone's been paying
> KaiGai to put a pretty hefty amount of work into this over the last
> year-plus, so obviously someone not only wants the feature but wants
> it merged.  Within our community, I think that there have been a lot
> of people who have liked the concept of this feature but very few who
> have liked the patch, so there's somewhat of a disconnect between our
> aspirations and our better technical judgment.  Tom is a notable
> exception who I believe likes neither the concept nor the patch, which
> is something we may need to resolve before getting too serious about
> this.

Agreed.  SE-Linux support might expand our user base and give us
additional credibility, or it might be a feature that few people use ---
and I don't think anyone knows the outcome.

I wonder if we should rephrase this as, "How hard will this feature be
to add, and how hard will it be to remove in a few years if we decide we
don't want it?"  SE-Linux support would certainly put Postgres in a
unique security category, and it builds on our existing good security
reputation.

Personally, I think AppArmor is a saner security system:
http://www.novell.com/linux/security/apparmor/selinux_comparison.html (Novell-hosted URL)

but I am not advocating AppArmor support.  I think the whole issue is
whether support for external integrated security systems is appropriate
for Postgres.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com
  + If your life is a hard drive, Christ can be your backup. +

