From: KaiGai Kohei <kaigai@kaigai.gr.jp>
To: "Christopher J. PeBenito" <cpebenito@tresys.com>
Cc: Kohei KaiGai <kaigai@ak.jp.nec.com>, selinux@tycho.nsa.gov
Subject: Re: [PATCH] SE-PostgreSQL Security Policy
Date: Wed, 05 Mar 2008 00:16:27 +0900
Message-ID: <47CD67CB.3060305@kaigai.gr.jp>
In-Reply-To: <47C5189B.9070500@ak.jp.nec.com>

Kohei KaiGai wrote:
> The attached patch provides security policies related to SE-PostgreSQL.
> 
> The following are the updates/unchanged items from the previous version
> submitted two weeks ago. These updates replaced most of the parts of the
> previous one.
> 
> - The targets of this patch are moved to services/postgresql.*,
>   although the previous one added new entries.
> - Every interface got slim. They contain only one TYPEATTRIBUTE
>   statement, and postgresql.te allows most of the permissions to
>   the associated attributes.
> * Tunables to turn on/off audit remain now, because database
>   folks told me fine-grained logs are a worthwhile feature.
> 
> Any comment please,
> 
> Thanks,

Chris,

What is the current status of the patch?

>>> Just like with the X server, I don't believe that sepostgres should have
>>> its own module.
>>
>> OK, I'll make next one as a patch for services/postgresql.*.
>>
>>> At first glance, there appear to be too many
>>> attributes.  I'm guessing that you're doing the same thing that is done
>>> with the *_unconfined() interfaces.  We mainly do that to optimize size
>>> since unconfined brings in so many rules.
>>
>> OK, I'll replace the current interfaces with ones in the following style.
>>
>> interface(`sepostgresql_unconfined',`
>>         gen_require(`
>>                 attribute sepostgresql_unconfined_type;
>>         ')
>>         typeattribute $1 sepostgresql_unconfined_type;
>> ')
>>
>>> I also see references to types and attributes that belong to the module.
>>
>> Is it unlabel_t and system_r?
>> Where is the best place to associate them with my local policy?
>>
>>> Also the auditing
>>> tunables seem unneeded; they seem to be more for debugging use.  I think
>>> I can get a better handle on the policy with these revisions.
>>
>> Hmm...
>> The reason why I added these tunables is that database folks told me
>> that collecting logs at the column/tuple level is an attractive feature,
>> because a native DBMS cannot provide fine-grained access control and
>> cannot collect logs at these levels.
>> Thus, I believe the feature to readily turn auditing on/off should
>> remain.
>>
>> Thanks,

-- 
KaiGai Kohei <kaigai@kaigai.gr.jp>
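As an added illustration, not code from the patch or from the shipped reference policy, the interface style Chris asked for and the postgresql.te side it pairs with: one TYPEATTRIBUTE per interface, the permissions granted once to the attribute, and an audit tunable of the kind KaiGai wants to keep. The type names `sepostgresql_db_t` and `sepostgresql_table_t`, the boolean name and the module version are assumptions; the db_* object classes and permissions follow the refpolicy access_vectors definitions.

```m4
## postgresql.if: the caller only joins the attribute; no rules live here
interface(`sepostgresql_unconfined',`
	gen_require(`
		attribute sepostgresql_unconfined_type;
	')
	typeattribute $1 sepostgresql_unconfined_type;
')

## postgresql.te
policy_module(postgresql, 1.0.0)   # version number is an assumption

attribute sepostgresql_unconfined_type;

# Hypothetical SE-PostgreSQL object types (names are assumptions)
type sepostgresql_db_t;
type sepostgresql_table_t;

# Audit boolean, off by default: fine-grained logging is opt-in
gen_tunable(sepostgresql_enable_auditallow, false)

# Permissions are granted once to the attribute; every domain that calls
# sepostgresql_unconfined() inherits them through the single TYPEATTRIBUTE
allow sepostgresql_unconfined_type sepostgresql_db_t:db_database { getattr access };
allow sepostgresql_unconfined_type sepostgresql_table_t:db_table { getattr use select update insert delete };
allow sepostgresql_unconfined_type sepostgresql_table_t:db_column { getattr use select update insert };
allow sepostgresql_unconfined_type sepostgresql_table_t:db_tuple { use select update insert delete };

# With the boolean on, permitted column/tuple accesses are also recorded
# in the audit log (auditallow logs granted accesses, it grants nothing new)
tunable_policy(`sepostgresql_enable_auditallow',`
	auditallow sepostgresql_unconfined_type sepostgresql_table_t:db_column { select update insert };
	auditallow sepostgresql_unconfined_type sepostgresql_table_t:db_tuple { select update insert delete };
')
```

Toggling the boolean at runtime with `setsebool` switches the extra logging without a policy rebuild, which is the operational reason for keeping it as a tunable rather than a compile-time choice.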

