|Main Archive Page > Month Archives > selinux archives|
Thanks for the update. Questions inline.
2010/12/7 KaiGai Kohei <firstname.lastname@example.org>:
> I'd like to report the recent status of SE-PostgreSQL development,
> since I guess few number of people subscribing pgsql-hackers list.
> Now, the pgsql community is working on new features to the upcoming
> v9.1 releases. Although we don't come up the feature freeze yet,
> several fundamental features to support selinux are already merged,
> and these shall be released within the v9.1 release.
> The v9.1 of pgsql shall support label based mandatory access control
> by external security providers.
> The external security provider is a similar concept to LSM.
> It allows plugin modules to make access control decision based on
> its access control model such as SELinux, and the core pgsql calls
> the modules via security hooks.
> So, SE-PostgreSQL is now implemented as a plugin module of pgsql.
> Anyway, the upcoming v9.1 shall provide a mechanism to assign
> security label of database objects and security hooks on various
> strategic points (but not comprehensive yet).
Could you expand upon exactly what you mean here? Since this is not
'comprehensive' does that imply potential vulnerabilities?
> We will be able to assign security label using SECURITY LABEL
> statement in SQL (original enhancement of pgsql) by hand.
> It allows us to assign a certain label on a certain database
> objects. The given label is validated by plugin modules, then
> stored within system catalogs.
> In addition, post-object-creation hook enables to assign a default
> security label of the new database object on the creation time.
> Here are other new hooks; 'ExecutorCheckPerms' hook enables to
> make access control decision on DML statements (SELECT, UPDATE,
> INSERT and DELETE), 'ClientAuthentication' hook enables to
> obtain security label of the peer process using getpeercon(3)
> at beginning of the session, 'object_access' hook will enable
> to handle DDL permissions but not comprehensive yet.
> I expect a limited functionalities will be available in the
> v9.1 of PostgreSQL. It will be far from production level,
> but a great step towards the full features.
> The v9.1 will have feature freeze at the 15-Jun, then it may be
> released half years later. At the same time, merge window to the
> v9.2 will be open. So, I'll upstream rest of features; such as
> comprehensive DDL permissions, row-level access controls and so on.
> KaiGai Kohei <email@example.com>
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to firstname.lastname@example.org with
> the words "unsubscribe selinux" without quotes as the message.
-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to email@example.com with the words "unsubscribe selinux" without quotes as the message.