From: KaiGai Kohei <kaigai@kaigai.gr.jp>
To: Joshua Brindle <method@manicmethod.com>
Cc: KaiGai Kohei <kaigai@ak.jp.nec.com>,
"Christopher J. PeBenito" <cpebenito@tresys.com>,
refpolicy@oss.tresys.com, selinux@tycho.nsa.gov
Subject: Re: [refpolicy] [RFC] Security policy reworks for SE-PostgreSQL
Date: Sun, 05 Apr 2009 09:52:39 +0900 [thread overview]
Message-ID: <49D800D7.7060609@kaigai.gr.jp> (raw)
In-Reply-To: <49D651A7.1000703@manicmethod.com>
Joshua Brindle wrote:
>> Again, I would like to get the reworks merged in this timing.
>> (In addition, it also makes RUBIX happy on Fedora 11 or later.)
>>
>
> Fedora 11 is already frozen, new object classes shouldn't be working their way
> in to that, so we have a release cycle to adjust the permissions to match the
> implementation, both on the upstream sepostgres side and the RUBIX side before
> pushing those in to refpolicy.
Hmm... It would seem that I need to provide a development purpose
security policy package in the meanwhile.
The next development cycle in PostgreSQL will be open soon:
http://wiki.postgresql.org/wiki/CommitFest_2009-First
I'll propose the newer design for the commit fest, but also continue
to maintain the current design on Fedora as far as the security policy
keeps existing object classes and permissions.
I believe the current design should be switched to the newer one
at some point in the future. In my hope, it should be done on
Fedora 12.
> Once some implementation starts and the security model settles it may be a
> different story, I just don't think it is appropriate to merge them at this
> point. (In particular I want to see if the new proposed object classes and perms
> will really work for RUBIX, and I want to see how much of the patch the upstream
> postgres project will take for the next release).
I also would like Andy to report whether the RUBIX with newer design and
security policy performs well, or not.
The development purpose security policy which contains newer object classes
and permissions will be available soon.
> As it stands we are going to have 3 selinux aware databases floating around
> using slightly different object classes and permissions, which is not ideal.
Agreed.
> Having all those in upstream refpolicy means it is harder to change them and the
> unused permissions are going to sit there causing confusion (even worse, they'll
> be unused by 2 of the 3 systems but still in use by the previous version of
> sepostgres).
I think the current design should be deprecated in the lifespan of distribution
if the upstream refpolicy once gets newer design.
In finally, I believe only 2 of the system can share the design.
Thanks,
--
KaiGai Kohei <kaigai@kaigai.gr.jp>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
WARNING: multiple messages have this Message-ID (diff)
From: kaigai@kaigai.gr.jp (KaiGai Kohei)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [RFC] Security policy reworks for SE-PostgreSQL
Date: Sun, 05 Apr 2009 09:52:39 +0900 [thread overview]
Message-ID: <49D800D7.7060609@kaigai.gr.jp> (raw)
In-Reply-To: <49D651A7.1000703@manicmethod.com>
Joshua Brindle wrote:
>> Again, I would like to get the reworks merged in this timing.
>> (In addition, it also makes RUBIX happy on Fedora 11 or later.)
>>
>
> Fedora 11 is already frozen, new object classes shouldn't be working their way
> in to that, so we have a release cycle to adjust the permissions to match the
> implementation, both on the upstream sepostgres side and the RUBIX side before
> pushing those in to refpolicy.
Hmm... It would seem that I need to provide a development purpose
security policy package in the meanwhile.
The next development cycle in PostgreSQL will be open soon:
http://wiki.postgresql.org/wiki/CommitFest_2009-First
I'll propose the newer design for the commit fest, but also continue
to maintain the current design on Fedora as far as the security policy
keeps existing object classes and permissions.
I believe the current design should be switched to the newer one
at some point in the future. In my hope, it should be done on
Fedora 12.
> Once some implementation starts and the security model settles it may be a
> different story, I just don't think it is appropriate to merge them at this
> point. (In particular I want to see if the new proposed object classes and perms
> will really work for RUBIX, and I want to see how much of the patch the upstream
> postgres project will take for the next release).
I also would like Andy to report whether the RUBIX with newer design and
security policy performs well, or not.
The development purpose security policy which contains newer object classes
and permissions will be available soon.
> As it stands we are going to have 3 selinux aware databases floating around
> using slightly different object classes and permissions, which is not ideal.
Agreed.
> Having all those in upstream refpolicy means it is harder to change them and the
> unused permissions are going to sit there causing confusion (even worse, they'll
> be unused by 2 of the 3 systems but still in use by the previous version of
> sepostgres).
I think the current design should be deprecated in the lifespan of distribution
if the upstream refpolicy once gets newer design.
In finally, I believe only 2 of the system can share the design.
Thanks,
--
KaiGai Kohei <kaigai@kaigai.gr.jp>
next prev parent reply other threads:[~2009-04-05 0:52 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-31 8:55 [RFC] Security policy reworks for SE-PostgreSQL KaiGai Kohei
2009-03-31 8:55 ` [refpolicy] " KaiGai Kohei
2009-03-31 10:05 ` Andy Warner
2009-03-31 10:05 ` [refpolicy] " Andy Warner
2009-03-31 13:51 ` KaiGai Kohei
2009-03-31 13:51 ` [refpolicy] " KaiGai Kohei
2009-03-31 15:11 ` Andy Warner
2009-03-31 15:11 ` [refpolicy] " Andy Warner
2009-03-31 20:34 ` KaiGai Kohei
2009-03-31 20:34 ` [refpolicy] " KaiGai Kohei
2009-03-31 20:39 ` Andy Warner
2009-03-31 20:39 ` [refpolicy] " Andy Warner
2009-03-31 20:46 ` Joshua Brindle
2009-03-31 21:08 ` Andy Warner
2009-03-31 21:08 ` [refpolicy] " Andy Warner
2009-04-01 17:05 ` Joshua Brindle
2009-04-01 0:30 ` KaiGai Kohei
2009-04-01 0:30 ` [refpolicy] " KaiGai Kohei
2009-04-02 8:15 ` KaiGai Kohei
2009-04-02 8:15 ` KaiGai Kohei
2009-04-02 14:27 ` Joshua Brindle
2009-04-02 15:09 ` Christopher J. PeBenito
2009-04-02 15:09 ` Christopher J. PeBenito
2009-04-03 1:17 ` KaiGai Kohei
2009-04-03 1:17 ` KaiGai Kohei
2009-04-03 18:12 ` Joshua Brindle
2009-04-05 0:52 ` KaiGai Kohei [this message]
2009-04-05 0:52 ` KaiGai Kohei
2009-04-06 2:15 ` KaiGai Kohei
2009-04-06 2:15 ` KaiGai Kohei
2009-04-06 18:48 ` SELinux packages version (svn2950) Hasan Rezaul-CHR010
2009-04-06 19:18 ` Joshua Brindle
2009-04-06 19:48 ` Hasan Rezaul-CHR010
2009-04-06 20:14 ` Joshua Brindle
2009-04-06 20:30 ` Hasan Rezaul-CHR010
2009-04-06 20:37 ` Joshua Brindle
2009-04-12 23:45 ` [refpolicy] [RFC] Security policy reworks for SE-PostgreSQL KaiGai Kohei
2009-04-12 23:45 ` KaiGai Kohei
2009-04-20 20:07 ` Christopher J. PeBenito
2009-04-20 20:07 ` Christopher J. PeBenito
2009-04-20 23:27 ` KaiGai Kohei
2009-04-20 23:27 ` KaiGai Kohei
2009-05-07 12:24 ` Christopher J. PeBenito
2009-05-07 12:24 ` Christopher J. PeBenito
2009-05-08 3:56 ` KaiGai Kohei
2009-05-08 3:56 ` KaiGai Kohei
2009-05-08 4:05 ` KaiGai Kohei
2009-05-08 4:05 ` KaiGai Kohei
2009-05-21 11:49 ` Christopher J. PeBenito
2009-05-21 11:49 ` Christopher J. PeBenito
2009-05-08 4:12 ` KaiGai Kohei
2009-05-08 4:12 ` KaiGai Kohei
2009-05-22 13:38 ` Christopher J. PeBenito
2009-05-22 13:38 ` Christopher J. PeBenito
2009-05-21 11:28 ` Christopher J. PeBenito
2009-05-21 11:28 ` Christopher J. PeBenito
2009-04-21 2:51 ` KaiGai Kohei
2009-04-21 2:51 ` KaiGai Kohei
2009-05-07 13:08 ` Christopher J. PeBenito
2009-05-07 13:08 ` Christopher J. PeBenito
2009-04-03 0:25 ` KaiGai Kohei
2009-04-03 0:25 ` KaiGai Kohei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49D800D7.7060609@kaigai.gr.jp \
--to=kaigai@kaigai.gr.jp \
--cc=cpebenito@tresys.com \
--cc=kaigai@ak.jp.nec.com \
--cc=method@manicmethod.com \
--cc=refpolicy@oss.tresys.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.