| From: | "Robert Haas" <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | "KaiGai Kohei" <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Cc: | "Peter Eisentraut" <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, "KaiGai Kohei" <kaigai(at)kaigai(dot)gr(dot)jp>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Bruce Momjian" <bruce(at)momjian(dot)us> |
| Subject: | Re: Updates of SE-PostgreSQL 8.4devel patches (r1268) |
| Date: | 2008-12-12 03:11:43 |
| Message-ID: | 603c8f070812111911s10041b41l13624845ec41ca15@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> This idea allows to compile two or more security mechanism in the same binary,
> and adds a configuration parameter to choose a security mechanism on its startup
> time. So, a single security mechanism chosen works in same time, but multiple
> security mechanisms are built in compile time.
This is a good idea.
> Again, I cannot think it is a good idea to pack several values into a field.
I don't either. I think we need two fields. I can't imagine anyone
making a serious argument that we need to simultaneously support more
than one MAC system: you pick EITHER SELinux or Trusted Solaris, not
both.
But I can sure imagine someone wanting both MAC and DAC.
...Robert
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-12-12 03:12:41 | Re: benchmarking the query planner |
| Previous Message | Robert Haas | 2008-12-12 03:04:51 | Re: benchmarking the query planner |