Thanks for the update. Questions inline.

2010/12/7 KaiGai Kohei <kaigai@xxxxxxxxxxxxx>:
> I'd like to report the recent status of SE-PostgreSQL development,
> since I guess few people subscribe to the pgsql-hackers list.
>
> Now, the pgsql community is working on new features for the upcoming
> v9.1 release. Although we haven't reached the feature freeze yet,
> several fundamental features to support selinux are already merged,
> and these shall be released within the v9.1 release.
>
> The v9.1 of pgsql shall support label based mandatory access control
> by external security providers.
> The external security provider is a similar concept to LSM.
> It allows plugin modules to make access control decisions based on
> their access control model such as SELinux, and the core pgsql calls
> the modules via security hooks.
>
> So, SE-PostgreSQL is now implemented as a plugin module of pgsql.
>
> Anyway, the upcoming v9.1 shall provide a mechanism to assign
> security labels to database objects and security hooks on various
> strategic points (but not comprehensive yet).

Could you expand upon exactly what you mean here? Since this is not
'comprehensive', does that imply potential vulnerabilities?

>
> We will be able to assign security labels using the SECURITY LABEL
> statement in SQL (original enhancement of pgsql) by hand.
> It allows us to assign a certain label to certain database
> objects. The given label is validated by plugin modules, then
> stored within system catalogs.
> In addition, the post-object-creation hook enables us to assign a default
> security label to the new database object at creation time.
>
> Here are other new hooks; the 'ExecutorCheckPerms' hook enables us to
> make access control decisions on DML statements (SELECT, UPDATE,
> INSERT and DELETE), the 'ClientAuthentication' hook enables us to
> obtain the security label of the peer process using getpeercon(3)
> at the beginning of the session, and the 'object_access' hook will enable
> us to handle DDL permissions but is not comprehensive yet.
>
> I expect limited functionality will be available in the
> v9.1 of PostgreSQL. It will be far from production level,
> but a great step towards the full features.
>
> The v9.1 will have feature freeze on 15-Jun, then it may be
> released half a year later. At the same time, the merge window for
> v9.2 will be open. So, I'll upstream the rest of the features; such as
> comprehensive DDL permissions, row-level access controls and so on.
>
> Thanks,
> --
> KaiGai Kohei <kaigai@xxxxxxxxxxxxx>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
> the words "unsubscribe selinux" without quotes as the message.
>

Ted
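As an added illustration of the hand-labelling path KaiGai describes (this is not code from the thread or from the sepgsql module), the following SQL uses the 9.1 SECURITY LABEL statement and then reads back what the provider stored. It assumes the sepgsql provider module is loaded under the name 'selinux'; the context strings are illustrative SELinux labels chosen for the example, and the provider will reject any context the running policy does not recognise.

```sql
-- Added example: assigning a label by hand and verifying the stored result.
-- Assumes sepgsql is loaded and registered as the 'selinux' provider.
CREATE TABLE customer (
    id      integer PRIMARY KEY,
    name    text,
    secret  text
);

-- The label is handed to the provider, which validates it against the
-- loaded policy before it is written to the pg_seclabel catalog; an
-- unknown or malformed context is rejected here rather than stored.
-- (Label value is an illustrative context, not taken from the thread.)
SECURITY LABEL FOR selinux ON TABLE customer
    IS 'system_u:object_r:sepgsql_table_t:s0';

-- A column may carry its own, stricter label than the table it sits in.
-- (Illustrative context; adjust to the types your policy defines.)
SECURITY LABEL FOR selinux ON COLUMN customer.secret
    IS 'system_u:object_r:sepgsql_secret_table_t:s0';

-- Read back what was actually stored. pg_seclabels resolves the catalog
-- rows to object names, so this is the check to run after labelling.
SELECT objtype, objname, provider, label
  FROM pg_seclabels
 WHERE provider = 'selinux'
 ORDER BY objtype, objname;
```

If the SECURITY LABEL statement fails, the provider refused the context; check the error text and the policy rather than the catalog, because nothing is written on a failed validation.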