Re: 8.4 release planning

Ron Mayer <rm_pg@cheapcomplexdevices.com>

From: Ron Mayer <rm_pg@cheapcomplexdevices.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Josh Berkus <josh@agliodbs.com>, "Joshua D. Drake" <jd@commandprompt.com>, Robert Haas <robertmhaas@gmail.com>, Merlin Moncure <mmoncure@gmail.com>, "Jonah H. Harris" <jonah.harris@gmail.com>, Gregory Stark <stark@enterprisedb.com>, Simon Riggs <simon@2ndQuadrant.com>, Bruce Momjian <bruce@momjian.us>, Bernd Helmle <mailings@oopsware.de>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org
Date: 2009-01-27T00:31:48Z
Lists: pgsql-hackers
Tom Lane wrote:
> The problem, in words of one syllable, is that we are not sure we want
> it.  Do you see a user community clamoring for SEPostgres, or a hacker

This is a chicken-and-egg type of problem.

Security-conscious users, applications, hackers, and customers will
flock towards whichever database product leads in that area.

If some hypothetical database has only minimal security features, I
imagine few security experts would spend a lot of time with the database.

> The second problem is that we're not sure it's really the right thing,
> because we have no one who is competent to review the design from a
> security standpoint.  But unless we get past the first problem the
> second one is moot.

Are we underestimating Kaigai Kohei?  I seem to see him credited on
the NSA's SELinux pages:
   http://www.nsa.gov/research/selinux/contrib.shtml

and it seems his patches there related to postgresql were pretty widely
discussed on the SELinux lists:
  http://www.nsa.gov/research/selinux/list-archive/0805/index.shtml#26163