-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 29 Dec 2007 14:40:29 -0500 (EST) Greg Smith <[EMAIL PROTECTED]> wrote:
> On Sat, 29 Dec 2007, Joshua D. Drake wrote: > > > http://code.google.com/p/sepgsql/ > > ??? > > Getting that to work required some obtrusive changes to the source > code, which they've only done to 8.2.4. Even that doesn't seem to be > production-quality and it's not clear how that will make its way into > newer versions yet. "they've" has the potential to be "we"... As I recall the individual made a reasonable effort to introduce the work that he was doing to the community. http://archives.postgresql.org/pgsql-hackers/2007-03/msg00271.php http://archives.postgresql.org/pgsql-hackers/2007-04/msg00664.php > > The job here is to work on the SELinux policies for PostgreSQL. You > can't just re-use whatever work has gone into the SE-PostgreSQL ones, > because those presume you're using their modified server instead of > the regular one. Fair enough. I was just trying to offer a source to start with. > But unless > there's somebody else with a burning need to work on this area I > doubt that will happen--there's nothing about SELinux that anybody > does just for fun. Ya think? :P I recognize that this "SE PGSQL" has the potential to be a portability nightmare (as it only works on linux) but it certainly has potential to give us a leg up on a lot of work. Anyway, not saying its good code but I did read the docs and it sure looks cool. Sincerely, Joshua D. Drake - -- The PostgreSQL Company: Since 1997, http://www.commandprompt.com/ Sales/Support: +1.503.667.4564 24x7/Emergency: +1.800.492.2240 Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate SELECT 'Training', 'Consulting' FROM vendor WHERE name = 'CMD' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHdqriATb/zqfZUUQRAk73AJ9/Gy2+5mjxBsbEZHyCycp/HgwR0wCfYHPw TaLkLocBWGpgP0Z7T+IaaWA= =0Zwj -----END PGP SIGNATURE----- ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly