diff for duplicates of <4D021AB0.9040900@rubix.com> diff --git a/a/1.txt b/N1/1.txt index ad90cb7..31db4e9 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -113,5 +113,8 @@ the refpolicy, will it eventually make it into Fedora and/or RHEL 6? > > _______________________________________________ > refpolicy mailing list -> refpolicy@oss.tresys.com +> refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy +-------------- next part -------------- +An HTML attachment was scrubbed... +URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20101210/eccd8e4e/attachment.html diff --git a/a/2.bin b/a/2.bin deleted file mode 100644 index ba0f9fe..0000000 --- a/a/2.bin +++ /dev/null 
@@ -1,136 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<html> - <head> - <meta content="text/html; charset=ISO-2022-JP" - http-equiv="Content-Type"> - <title></title> - </head> - <body text="#000000" bgcolor="#ffffff"> - <br> - <br> - On 12/10/2010 10:49 AM, KaiGai Kohei wrote: - <blockquote cite="mid:4D01F7A4.90708@ak.jp.nec.com" type="cite"> - <pre wrap="">The attached patch adds a few database object classes, as follows: - -* db_schema ------------- -A schema object performs as a namespace in database; similar to -directories in filesystem. -It seems some of (but not all) database objects are stored within -a certain schema logically. We can qualify these objects using -schema name. For example, a table: "my_tbl" within a schema: "my_scm" -is identified by "my_scm.my_tbl". This table is completely different -from "your_scm.my_tbl" that it a table within a schema: "your_scm". -Its characteristics is similar to a directory in filesystem, so -it has similar permissions. -The 'search' controls to resolve object name within a schema. -The 'add_name' and 'remove_name' controls to add/remove an object -to/from a schema. -See also, - <a class="moz-txt-link-freetext" href="http://developer.postgresql.org/pgdocs/postgres/sql-createschema.html">http://developer.postgresql.org/pgdocs/postgres/sql-createschema.html</a> - -In the past discussion, a rubix folks concerned about no object -class definition for schema and catalog which is an upper level -namespace. Since I'm not certain whether we have a disadvantage -when 'db_schema' class is applied on catalog class, I don't add -this definition yet. -</pre> - </blockquote> - <br> - From my point of view, as a rubix folk, I see no disadvantage in - using the db_schema class for catalogs. As we are now overloading - the dir object class, using the db_schema for both schemata and - catalogs is an improvement. For us in the foreseeable future, there - is no functional distinction. 
<br> - <br> - I do think that the SQL spec does allow things to be associated with - a named schema that may not be associated with a catalog. For - instance, a character set. But, don't quote me on that:-)<br> - <br> - Forgive me for my ignorance, but when a patch like this is submitted - to the refpolicy, will it eventually make it into Fedora and/or RHEL - 6?<br> - <br> - <blockquote cite="mid:4D01F7A4.90708@ak.jp.nec.com" type="cite"> - <pre wrap=""> -Default security context of 'db_table' and 'db_procedure' classes -get being computed using type_transition with 'db_schema' class, -instead of 'db_database' class. It reflects logical hierarchy of -database object more correctly. - - -* db_view ----------- -A view object performs as a virtual table. We can run SELECT -statement on views, although it has no physical entities. -The definition of views are expanded in run-time, so it allows -us to describe complex queries with keeping readability. -This object class uniquely provides 'expand' permission that -controls whether user can expand this view, or not. -The default security context shall be computed by type transition -rule with a schema object that owning the view. - -See also, - <a class="moz-txt-link-freetext" href="http://developer.postgresql.org/pgdocs/postgres/sql-createview.html">http://developer.postgresql.org/pgdocs/postgres/sql-createview.html</a> - - -* db_sequence --------------- -A sequence object is a sequential number generator. -This object class uniquely provides 'get_value', 'next_value' and -'set_value' permissions. The 'get_value' controls to reference the -sequence object. The 'next_value' controls to fetch and increment -the value of sequence object. The 'set_value' controls to set -an arbitrary value. -The default security context shall be computed by type transition -rule with a schema object that owning the sequence. 
- -See also, - <a class="moz-txt-link-freetext" href="http://developer.postgresql.org/pgdocs/postgres/sql-createsequence.html">http://developer.postgresql.org/pgdocs/postgres/sql-createsequence.html</a> - - -* db_language --------------- -A language object is an installed engine to execute procedures. -PostgreSQL supports to define SQL procedures using regular script -languages; such as Perl, Tcl, not only SQL or binary modules. -In addition, v9.0 or later supports DO statement. It allows us to -execute a script statement on server side without defining a SQL -procedure. It requires to control whether user can execute DO -statement on this language, or not. -This object class uniquely provides 'implement' and 'execute' -permissions. The 'implement' controls whether a procedure can -be implemented with this language, or not. So, it takes security -context of the procedure as subject. The 'execute' controls to -execute code block using DO statement. -The default security context shall be computed by type transition -rule with a database object, because it is not owned by a certain -schema. - -In the default policy, we provide two types: 'sepgsql_lang_t' and -'sepgsql_safe_lang_t' that allows unpriv users to execute DO -statement. The default is 'sepgsql_leng_t'. -We assume newly installed language may be harm, so DBA has to relabel -it explicitly, if he want user defined procedures using the language. - -See also, - <a class="moz-txt-link-freetext" href="http://developer.postgresql.org/pgdocs/postgres/sql-createlanguage.html">http://developer.postgresql.org/pgdocs/postgres/sql-createlanguage.html</a> - <a class="moz-txt-link-freetext" href="http://developer.postgresql.org/pgdocs/postgres/sql-do.html">http://developer.postgresql.org/pgdocs/postgres/sql-do.html</a> - -P.S) -I found a bug in MCS. It didn't constraint 'relabelfrom' permission -of 'db_procedure' class. IIRC, I fixed it before, but it might be -only MLS side. Sorry. 
- -Thanks, -</pre> - <pre wrap=""> -<fieldset class="mimeAttachmentHeader"></fieldset> -_______________________________________________ -refpolicy mailing list -<a class="moz-txt-link-abbreviated" href="mailto:refpolicy@oss.tresys.com">refpolicy@oss.tresys.com</a> -<a class="moz-txt-link-freetext" href="http://oss.tresys.com/mailman/listinfo/refpolicy">http://oss.tresys.com/mailman/listinfo/refpolicy</a> -</pre> - </blockquote> - </body> -</html> diff --git a/a/2.hdr b/a/2.hdr deleted file mode 100644 index 4d5ce0e..0000000 --- a/a/2.hdr +++ /dev/null @@ -1,2 +0,0 @@ -Content-Type: text/html; charset=ISO-2022-JP -Content-Transfer-Encoding: 7bit diff --git a/a/content_digest b/N1/content_digest index faa3c3b..8eddcda 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,11 +1,9 @@ "ref\04D01F7A4.90708@ak.jp.nec.com\0" - "From\0Andy Warner <warner@rubix.com>\0" - "Subject\0Re: [refpolicy] [PATCH] New database object classes\0" + "From\0warner@rubix.com (Andy Warner)\0" + "Subject\0[refpolicy] [PATCH] New database object classes\0" "Date\0Fri, 10 Dec 2010 13:18:56 +0100\0" - "To\0KaiGai Kohei <kaigai@ak.jp.nec.com>\0" - "Cc\0refpolicy@oss1.tresys.com" - " selinux@tycho.nsa.gov\0" - "\01:1\0" + "To\0refpolicy@oss.tresys.com\0" + "\00:1\0" "b\0" "\n" "\n" 
@@ -122,145 +120,10 @@ ">\n" "> _______________________________________________\n" "> refpolicy mailing list\n" - "> refpolicy@oss.tresys.com\n" - > http://oss.tresys.com/mailman/listinfo/refpolicy - "\01:2\0" - "b\0" - "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n" - "<html>\n" - " <head>\n" - " <meta content=\"text/html; charset=ISO-2022-JP\"\n" - " http-equiv=\"Content-Type\">\n" - " <title></title>\n" - " </head>\n" - " <body text=\"#000000\" bgcolor=\"#ffffff\">\n" - " <br>\n" - " <br>\n" - " On 12/10/2010 10:49 AM, KaiGai Kohei wrote:\n" - " <blockquote cite=\"mid:4D01F7A4.90708@ak.jp.nec.com\" type=\"cite\">\n" - " <pre wrap=\"\">The attached patch adds a few database object classes, as follows:\n" - "\n" - "* db_schema\n" - "------------\n" - "A schema object performs as a namespace in database; similar to\n" - "directories in filesystem.\n" - "It seems some of (but not all) database objects are stored within\n" - "a certain schema logically. We can qualify these objects using\n" - "schema name. For example, a table: \"my_tbl\" within a schema: \"my_scm\"\n" - "is identified by \"my_scm.my_tbl\". This table is completely different\n" - "from \"your_scm.my_tbl\" that it a table within a schema: \"your_scm\".\n" - "Its characteristics is similar to a directory in filesystem, so\n" - "it has similar permissions.\n" - "The 'search' controls to resolve object name within a schema.\n" - "The 'add_name' and 'remove_name' controls to add/remove an object\n" - "to/from a schema.\n" - "See also,\n" - " <a class=\"moz-txt-link-freetext\" href=\"http://developer.postgresql.org/pgdocs/postgres/sql-createschema.html\">http://developer.postgresql.org/pgdocs/postgres/sql-createschema.html</a>\n" - "\n" - "In the past discussion, a rubix folks concerned about no object\n" - "class definition for schema and catalog which is an upper level\n" - "namespace. 
Since I'm not certain whether we have a disadvantage\n" - "when 'db_schema' class is applied on catalog class, I don't add\n" - "this definition yet.\n" - "</pre>\n" - " </blockquote>\n" - " <br>\n" - " From my point of view, as a rubix folk, I see no disadvantage in\n" - " using the db_schema class for catalogs. As we are now overloading\n" - " the dir object class, using the db_schema for both schemata and\n" - " catalogs is an improvement. For us in the foreseeable future, there\n" - " is no functional distinction. <br>\n" - " <br>\n" - " I do think that the SQL spec does allow things to be associated with\n" - " a named schema that may not be associated with a catalog. For\n" - " instance, a character set. But, don't quote me on that:-)<br>\n" - " <br>\n" - " Forgive me for my ignorance, but when a patch like this is submitted\n" - " to the refpolicy, will it eventually make it into Fedora and/or RHEL\n" - " 6?<br>\n" - " <br>\n" - " <blockquote cite=\"mid:4D01F7A4.90708@ak.jp.nec.com\" type=\"cite\">\n" - " <pre wrap=\"\">\n" - "Default security context of 'db_table' and 'db_procedure' classes\n" - "get being computed using type_transition with 'db_schema' class,\n" - "instead of 'db_database' class. It reflects logical hierarchy of\n" - "database object more correctly.\n" - "\n" - "\n" - "* db_view\n" - "----------\n" - "A view object performs as a virtual table. 
We can run SELECT\n" - "statement on views, although it has no physical entities.\n" - "The definition of views are expanded in run-time, so it allows\n" - "us to describe complex queries with keeping readability.\n" - "This object class uniquely provides 'expand' permission that\n" - "controls whether user can expand this view, or not.\n" - "The default security context shall be computed by type transition\n" - "rule with a schema object that owning the view.\n" - "\n" - "See also,\n" - " <a class=\"moz-txt-link-freetext\" href=\"http://developer.postgresql.org/pgdocs/postgres/sql-createview.html\">http://developer.postgresql.org/pgdocs/postgres/sql-createview.html</a>\n" - "\n" - "\n" - "* db_sequence\n" - "--------------\n" - "A sequence object is a sequential number generator.\n" - "This object class uniquely provides 'get_value', 'next_value' and\n" - "'set_value' permissions. The 'get_value' controls to reference the\n" - "sequence object. The 'next_value' controls to fetch and increment\n" - "the value of sequence object. The 'set_value' controls to set\n" - "an arbitrary value.\n" - "The default security context shall be computed by type transition\n" - "rule with a schema object that owning the sequence.\n" - "\n" - "See also,\n" - " <a class=\"moz-txt-link-freetext\" href=\"http://developer.postgresql.org/pgdocs/postgres/sql-createsequence.html\">http://developer.postgresql.org/pgdocs/postgres/sql-createsequence.html</a>\n" - "\n" - "\n" - "* db_language\n" - "--------------\n" - "A language object is an installed engine to execute procedures.\n" - "PostgreSQL supports to define SQL procedures using regular script\n" - "languages; such as Perl, Tcl, not only SQL or binary modules.\n" - "In addition, v9.0 or later supports DO statement. It allows us to\n" - "execute a script statement on server side without defining a SQL\n" - "procedure. 
It requires to control whether user can execute DO\n" - "statement on this language, or not.\n" - "This object class uniquely provides 'implement' and 'execute'\n" - "permissions. The 'implement' controls whether a procedure can\n" - "be implemented with this language, or not. So, it takes security\n" - "context of the procedure as subject. The 'execute' controls to\n" - "execute code block using DO statement.\n" - "The default security context shall be computed by type transition\n" - "rule with a database object, because it is not owned by a certain\n" - "schema.\n" - "\n" - "In the default policy, we provide two types: 'sepgsql_lang_t' and\n" - "'sepgsql_safe_lang_t' that allows unpriv users to execute DO\n" - "statement. The default is 'sepgsql_leng_t'.\n" - "We assume newly installed language may be harm, so DBA has to relabel\n" - "it explicitly, if he want user defined procedures using the language.\n" - "\n" - "See also,\n" - " <a class=\"moz-txt-link-freetext\" href=\"http://developer.postgresql.org/pgdocs/postgres/sql-createlanguage.html\">http://developer.postgresql.org/pgdocs/postgres/sql-createlanguage.html</a>\n" - " <a class=\"moz-txt-link-freetext\" href=\"http://developer.postgresql.org/pgdocs/postgres/sql-do.html\">http://developer.postgresql.org/pgdocs/postgres/sql-do.html</a>\n" - "\n" - "P.S)\n" - "I found a bug in MCS. It didn't constraint 'relabelfrom' permission\n" - "of 'db_procedure' class. IIRC, I fixed it before, but it might be\n" - "only MLS side. 
Sorry.\n" - "\n" - "Thanks,\n" - "</pre>\n" - " <pre wrap=\"\">\n" - "<fieldset class=\"mimeAttachmentHeader\"></fieldset>\n" - "_______________________________________________\n" - "refpolicy mailing list\n" - "<a class=\"moz-txt-link-abbreviated\" href=\"mailto:refpolicy@oss.tresys.com\">refpolicy@oss.tresys.com</a>\n" - "<a class=\"moz-txt-link-freetext\" href=\"http://oss.tresys.com/mailman/listinfo/refpolicy\">http://oss.tresys.com/mailman/listinfo/refpolicy</a>\n" - "</pre>\n" - " </blockquote>\n" - " </body>\n" - "</html>\n" + "> refpolicy at oss.tresys.com\n" + "> http://oss.tresys.com/mailman/listinfo/refpolicy\n" + "-------------- next part --------------\n" + "An HTML attachment was scrubbed...\n" + URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20101210/eccd8e4e/attachment.html -76deea25619853e27c96196223933779c13f21da5bcbfeea6b0dd70446dcd2e2 +e22f574437956c4762919aa3c28fecb4d6d65c74a007802c730a4bf80251ff50
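Review bot: in the a/1.txt hunk the N1 copy rewrites the list address from `refpolicy@oss.tresys.com` to `refpolicy at oss.tresys.com` and appends the pipermail trailer `-------------- next part --------------` / `An HTML attachment was scrubbed...` with an attachment URL. The `at` form is an archive-side obfuscation, not what was on the wire, so anything that extracts addresses from the N1 copy has to undo that rewrite, and the scrubbed-attachment trailer is archive text that was never part of the author's reply.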
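Review bot: deleting a/2.bin and a/2.hdr drops the `text/html; charset=ISO-2022-JP` alternative of the reply; the body it carried is the same reply as the text part (the "will it eventually make it into Fedora and/or RHEL 6?" paragraph and the quoted db_schema / db_view / db_sequence / db_language descriptions appear in both). The only information unique to the HTML part is the `cite="mid:4D01F7A4.90708@ak.jp.nec.com"` attribute on the blockquotes, and that message ID survives in the unchanged `ref` line of content_digest, so nothing of substance is lost by keeping only the text/plain copy.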
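Review bot: the content_digest hunk shows the N1 copy losing header information rather than just formatting: From changes to the old-style `warner@rubix.com (Andy Warner)`, Subject loses its `Re: ` prefix, To is replaced by the list address, and the Cc line carrying `refpolicy@oss1.tresys.com` and `selinux@tycho.nsa.gov` disappears, with only the `ref` line (KaiGai's message ID) unchanged. Threading still works from `ref`, but the cross-post to selinux@tycho.nsa.gov and the direct recipient are not recoverable from N1, so if one copy is to be kept as canonical it should be a/, or those To/Cc headers should be carried over before a/ is dropped.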