Added to TODO: * Improve server security options
http://archives.postgresql.org/pgsql-hackers/2008-04/msg01875.php http://archives.postgresql.org/pgsql-hackers/2008-05/msg00000.php --------------------------------------------------------------------------- KaiGai Kohei wrote: > I updated the series of SE-PostgreSQL patches for the latest pgsql-8.4devel > tree. > > [1/4] sepostgresql-pgace-8.4devel-3-r739.patch > provides PGACE (PostgreSQL Access Control Extension) framework. > > http://sepgsql.googlecode.com/files/sepostgresql-pgace-8.4devel-3-r739.patch > > [2/4] sepostgresql-sepgsql-8.4devel-3-r739.patch > provides SE-PostgreSQL feature, based on PGACE framework. > > http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r739.patch > > [3/4] sepostgresql-pg_dump-8.4devel-3-r739.patch > enables to dump databases with security attribute. > > http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r739.patch > > [4/4] sepostgresql-policy-8.4devel-3-r739.patch > provides the default security policy of SE-PostgreSQL. > > http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r739.patch > > We provide a quick overview for SE-PostgreSQL at: > http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL > > Thanks, > > KaiGai Kohei wrote: > > The series of patches are the proposal of Security-Enhanced PostgreSQL > > (SE-PostgreSQL) > > for the upstreamed PostgreSQL 8.4 development cycle. > > > > [1/4] sepostgresql-pgace-8.4devel-3.patch > > provides PGACE (PostgreSQL Access Control Extension) framework > > > > http://sepgsql.googlecode.com/files/sepostgresql-pgace-8.4devel-3-r704.patch > > > > [2/4] sepostgresql-sepgsql-8.4devel-3.patch > > provides SE-PostgreSQL feature, based on PGACE framework. > > > > http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r704.patch > > > > [3/4] sepostgresql-pg_dump-8.4devel-3.patch > > enables pg_dump to dump database with security attribute. > > > > http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r704.patch > > > > [4/4] sepostgresql-policy-8.4devel-3.patch > > provides the default security policy for SE-PostgreSQL. > > > > http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r704.patch > > > > We can provide a quick overview for SE-PostgreSQL at: > > http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL > > > > ENVIRONMENT > > ----------- > > Please confirm your environment. > > The followings are requriements of SE-PostgreSQL. > > * Fedora 8 or later system > > * SELinux is enabled and working > > * kernel-2.6.24 or later > > * selinux-policy and selinux-policy-devel v3.0.8 or later > > * libselinux, policycoreutils > > > > INSTALLATION > > ------------ > > $ tar jxvf postgresql-snapshot.tar.bz2 > > $ cd postgresql-snapshot > > $ patch -p1 < ../sepostgresql-pgace-8.4devel-3.patch > > $ patch -p1 < ../sepostgresql-sepgsql-8.4devel-3.patch > > $ patch -p1 < ../sepostgresql-pg_dump-8.4devel-3.patch > > $ patch -p1 < ../sepostgresql-policy-8.4devel-3.patch > > > > $ ./configure --enable-selinux > > $ make > > $ make -C contrib/sepgsql-policy > > $ su > > # make install > > > > # /usr/sbin/semodule -i contrib/sepgsql-policy/sepostgresql.pp > > (NOTE: semodule is a utility to load/unload security policy modules.) > > > > # /sbin/restorecon -R /usr/local/pgsql > > (NOTE: restorecon is a utilicy to initialize security context of files.) > > > > SETUP > > ----- > > # mkdir -p /opt/sepgsql > > # chown foo_user:var_group /opt/sepgsql > > # chcon -t postgresql_db_t /opt/sepgsql > > (NOTE: chcon is a utility to set up security context of files.) > > # exit > > > > $ /usr/sbin/run_init /usr/local/pgsql/bin/initdb -D /opt/sepgsql > > (NOTE: run_init is a utility to start a program, as if it is branched > > from init script.) > > $ /usr/local/pgsql/bin/pg_ctl -D /opt/sepgsql start > > > > > > SUMMARYS FOR EVERY PATCHES > > -------------------------- > > [1/4] - sepostgresql-pgace-8.4devel-3.patch > > > > This patch provides PGACE (PostgreSQL Access Control Extension) framework. > > > > It has a similar idea of LSM (Linu Security Module). > > It can provide a guest module several hooks at strategic points. > > The guest module can make its decision whether required actions should be > > allowed, or not. > > In addition, PGACE also provides falicilites to manage security attribute > > of database objects. Any tuple can have a its security attribute, and the > > guest module can refer it to control accesses. > > > > A more conprehensive memo at: > > http://code.google.com/p/sepgsql/wiki/WhatIsPGACE > > > > [2/4] - sepostgresql-sepgsql-8.4devel-3.patch > > > > This patch provides SE-PostgreSQL facilities based on PGACE. > > > > Security-Enhanced PostgreSQL (SE-PostgreSQL) is a security extension > > built in PostgreSQL, to provide system-wide consistency in access > > controls. It enables to apply a single unigied security policy of > > SELinux for both operating system and database management system. > > In addition, it also provides fine-grained mandatory access which > > includes column-/row- level non-bypassable access control even if > > privileged database users. > > > > Quick overview at: > > http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL > > > > [3/4] - sepostgresql-pg_dump-8.4devel-3.patch > > > > This patch gives us a feature to dump database with security attribute. > > It is turned on with '--enable-selinux' option at pg_dump/pg_dumpall, > > when the server works as SE- version. > > No need to say, users need to have enough capabilities to dump whole of > > database. It it same when they tries to restore the database. > > > > [4/4] - sepostgresql-policy-8.4devel-3.patch > > > > This patch gives us the default security policy for SE-PostgreSQL. > > You can build it as a security policy module. It can be linked with > > the existing distributor's policy, and reloaded. > > > > > -- > OSS Platform Development Division, NEC > KaiGai Kohei <[EMAIL PROTECTED]> > > -- > Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-hackers -- Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
