Subject: CAcert Code Development list.
List archive
- From: Philipp Gühring <pg AT futureware.at>
- To: "Rodrigo Rubira Branco \(BSDaemon\)" <rodrigo AT kernelhacking.com>, "CAcert Code Development list." <cacert-devel AT lists.cacert.org>
- Subject: Re: [CAcert-Devel] SecurityDatabase
- Date: Thu, 5 Jul 2007 17:32:41 +0200
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-devel>
- List-id: "CAcert Code Development list." <cacert-devel.lists.cacert.org>
- Organization: Futureware 2001
Hello Irigo,
> I think we must take a look at the Security Enhanced PostgreSQL:
> http://selinux-symposium.org/2007/wipsbofs.php
>
> Have you ever tried it?
Ok, I took a look at it now. What it does is that it forwards the
security-lables (which security clearance the user has) to the PostgreSQL
database, and then restricting access to the rows/columns based on the
classification of the data.
It doesn´t solve any of the requirements we have at CAcert, but we might be
able to use it as a base infrastructure to build our own Security-Enhanced
version of PostgreSQL, since it´s code is already in the right places to do
some of our requirements, but we still need a different security model, and a
lot more.
Best regards,
Philipp Gühring
- [CAcert-Devel] SecurityDatabase, Philipp Gühring, 07/04/2007
- <Possible follow-up(s)>
- Re: [CAcert-Devel] SecurityDatabase, Rodrigo Rubira Branco (BSDaemon), 07/04/2007
- Re: [CAcert-Devel] SecurityDatabase, Philipp Gühring, 07/04/2007
- Re: [CAcert-Devel] SecurityDatabase, Philipp Gühring, 07/05/2007
Archive powered by MHonArc 2.6.16.