"Joshua D. Drake" <jd@commandprompt.com> writes:
> On Mon, 2009-11-30 at 20:28 -0800, David Fetter wrote:
>> This is totally separate from the really important question of whether
>> SE-Linux has a future, and another about whether, if SE-Linux has a
>> future, PostgreSQL needs to go there.
> Why would we think that it doesn't?
Have you noticed anyone except Red Hat taking it seriously?
I work for Red Hat and have drunk a reasonable amount of the SELinux
koolaid, but I can't help observing that it's had very limited uptake
outside Red Hat. It's not clear that there are many people who find
it a cost-effective solution to their problems. As for the number of
people prepared to write custom policy for it --- which would be
required to use it effectively for almost any PG application ---
I could probably hold a house party for all of them and not break a
sweat serving drinks.
regards, tom lane