Andrew Dunstan wrote: > I think you have been remarkably good about our caution in accepting > this. You certainly have my admiration for your patience.
Agreed. > What would probably help us a lot would be to know some names of large > users who want and will support this. NEC's name is a good start, but if > a few other enterprise users spoke up it would help to make the decision > a lot easier. I think the open questions we have now are: o Is SE-Linux appropriate technology for Postgres? o Does SE-Linux have a sufficient user base or potential user base to justify the additional code? o Can the code be maintained? And we have some partial answers. SE-Linux seems like the most popular of the security frameworks. There are a number of identified potential users, though we are looking to hear about more of them. Third, KaiGai is being paid by NEC to do this work and has shown to be extraordinarily dedicated to this feature. He has also offered to get other SE-Linux people involved in any patch review. I think the PostGIS example mentioned earlier is a good one. We did make some minor adjustments years ago to make things easier for them, but we had the luxury of having PostGIS be able to be developed outside of our main tree. I think with the current posted patch we have some of that benefit in that most of the code is in SE-Linux-specific directories, but the code outside those directories does have to be maintained. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers