Re: Adding support for SE-Linux security

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Magnus Hagander <magnus(at)hagander(dot)net>, Chad Sellers <csellers(at)tresys(dot)com>, "David P(dot) Quigley" <dpquigl(at)tycho(dot)nsa(dot)gov>, Josh Berkus <josh(at)agliodbs(dot)com>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd <jd(at)commandprompt(dot)com>, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Adding support for SE-Linux security
Date: 2009-12-15 15:03:54
Message-ID: 603c8f070912150703p567cd6fev2c4a38dac10a47cf@mail.gmail.com
Lists: pgsql-hackers

On Mon, Dec 14, 2009 at 10:21 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> Bruce,
>
> * Bruce Momjian (bruce(at)momjian(dot)us) wrote:
>> You are fine.  I was just saying that at a time I was one of the few
>> loud voices on this, and if this is going to happen, it will be because
>> we have a team that wants to do this, not because I am being loud.  I
>> see the team forming nicely.
>
> Not to rain down on the parade too much here, but I have to disagree
> about a team forming nicely.  That's, unfortunately, what it looks like
> from the 10k-foot level.  Indeed, it looks like we're making good
> headway to get some kind of support into core from that level.
>
> The reality is that we've barely started and really have still got
> quite a ways to go and it would really be useful to bring in additional
> resources on this.  I wouldn't consider myself to be that "additional
> resource" unless and until I can get funding for dedicated time (either
> my own or someone else's).  I've got a few action items that I'm
> planning to resolve in the next few weeks, but I've been involved in
> this for over a year now and it hasn't made much progress, overall, in
> that time.

I completely agree. Many people have spent substantial time trying to
help KaiGai extract a committable patch from his work, and that effort
has not been successful. What I am concerned about is that by
continuing to spend time on KaiGai's work, we are wasting a lot of
community resources to no good end. It may be the case that even if
we had a patch that was technically excellent, the community would
decide that the amount of future maintenance that this feature would
require is not warranted by the number of users it would attract. Tom
is the only really vocal advocate that I'm aware of for that position,
but there may well be other people who feel similarly.

But these patches are, unfortunately, not technically excellent.
There have been multiple reviews of these patches that have produced
extensive laundry lists of items to be fixed. In the ordinary course
of events, that leads to one of two things happening: either the patch
author fixes most or all the problems and comes back with a patch that
shows marked improvement, or he or she gives up. This patch is unique
in my experience in that it has gone through - I believe - six
CommitFests now without either of those things happening. Not that
there hasn't been any improvement, but the ratio of reviewing-work to
improvement seems to be much higher than what is typical for us. Like
Stephen, I believe we need some additional resources who can improve
that ratio before we can really make a push to get this done.

...Robert
