Re: [0/4] Proposal of SE-PostgreSQL patches

by bruce@[EMAIL PROTECTED] (Bruce Momjian) Jun 25, 2008 at 11:58 PM

Added to TODO:

* Improve server security options

  http://archives.postgresql.org/pgsql-hackers/2008-04/msg01875.php
  http://archives.postgresql.org/pgsql-hackers/2008-05/msg00000.php


---------------------------------------------------------------------------

KaiGai Kohei wrote:
> I updated the series of SE-PostgreSQL patches for the latest pgsql-8.4devel tree.
> 
> [1/4] sepostgresql-pgace-8.4devel-3-r739.patch
>       provides PGACE (PostgreSQL Access Control Extension) framework.
>       http://sepgsql.googlecode.com/files/sepostgresql-pgace-8.4devel-3-r739.patch
> 
> [2/4] sepostgresql-sepgsql-8.4devel-3-r739.patch
>       provides SE-PostgreSQL feature, based on PGACE framework.
>       http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r739.patch
> 
> [3/4] sepostgresql-pg_dump-8.4devel-3-r739.patch
>       enables to dump databases with security attribute.
>       http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r739.patch
> 
> [4/4] sepostgresql-policy-8.4devel-3-r739.patch
>       provides the default security policy of SE-PostgreSQL.
>       http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r739.patch
> 
> We provide a quick overview for SE-PostgreSQL at:
>     http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL
> 
> Thanks,
> 
> KaiGai Kohei wrote:
> > The series of patches are the proposal of Security-Enhanced PostgreSQL (SE-PostgreSQL)
> > for the upstreamed PostgreSQL 8.4 development cycle.
> > 
> >  [1/4] sepostgresql-pgace-8.4devel-3.patch
> >          provides PGACE (PostgreSQL Access Control Extension) framework
> >          http://sepgsql.googlecode.com/files/sepostgresql-pgace-8.4devel-3-r704.patch
> > 
> >  [2/4] sepostgresql-sepgsql-8.4devel-3.patch
> >          provides SE-PostgreSQL feature, based on PGACE framework.
> >          http://sepgsql.googlecode.com/files/sepostgresql-sepgsql-8.4devel-3-r704.patch
> > 
> >  [3/4] sepostgresql-pg_dump-8.4devel-3.patch
> >          enables pg_dump to dump database with security attribute.
> >          http://sepgsql.googlecode.com/files/sepostgresql-pg_dump-8.4devel-3-r704.patch
> > 
> >  [4/4] sepostgresql-policy-8.4devel-3.patch
> >          provides the default security policy for SE-PostgreSQL.
> >          http://sepgsql.googlecode.com/files/sepostgresql-policy-8.4devel-3-r704.patch
> > 
> > We can provide a quick overview for SE-PostgreSQL at:
> >     http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL
> > 
> > ENVIRONMENT
> > -----------
> > Please confirm your environment.
> > The following are requirements of SE-PostgreSQL.
> >  * Fedora 8 or later system
> >  * SELinux is enabled and working
> >  * kernel-2.6.24 or later
> >  * selinux-policy and selinux-policy-devel v3.0.8 or later
> >  * libselinux, policycoreutils
> > 
> > INSTALLATION
> > ------------
> > $ tar jxvf postgresql-snapshot.tar.bz2
> > $ cd postgresql-snapshot
> > $ patch -p1 < ../sepostgresql-pgace-8.4devel-3.patch
> > $ patch -p1 < ../sepostgresql-sepgsql-8.4devel-3.patch
> > $ patch -p1 < ../sepostgresql-pg_dump-8.4devel-3.patch
> > $ patch -p1 < ../sepostgresql-policy-8.4devel-3.patch
> > 
> > $ ./configure --enable-selinux
> > $ make
> > $ make -C contrib/sepgsql-policy
> > $ su
> > # make install
> > 
> > # /usr/sbin/semodule -i contrib/sepgsql-policy/sepostgresql.pp
> >   (NOTE: semodule is a utility to load/unload security policy modules.)
> > 
> > # /sbin/restorecon -R /usr/local/pgsql
> >   (NOTE: restorecon is a utility to initialize security context of files.)
> > 
> > SETUP
> > -----
> > # mkdir -p /opt/sepgsql
> > # chown foo_user:var_group /opt/sepgsql
> > # chcon -t postgresql_db_t /opt/sepgsql
> >   (NOTE: chcon is a utility to set up security context of files.)
> > # exit
> > 
> > $ /usr/sbin/run_init /usr/local/pgsql/bin/initdb -D /opt/sepgsql
> >   (NOTE: run_init is a utility to start a program, as if it is branched from init script.)
> > $ /usr/local/pgsql/bin/pg_ctl -D /opt/sepgsql start
> > 
> > 
> > SUMMARIES FOR EVERY PATCH
> > -------------------------
> > [1/4] - sepostgresql-pgace-8.4devel-3.patch
> > 
> > This patch provides PGACE (PostgreSQL Access Control Extension) framework.
> > 
> > It has a similar idea of LSM (Linux Security Module).
> > It can provide a guest module several hooks at strategic points.
> > The guest module can make its decision whether required actions should be
> > allowed, or not.
> > In addition, PGACE also provides facilities to manage security attribute
> > of database objects. Any tuple can have its security attribute, and the
> > guest module can refer it to control accesses.
> > 
> >   A more comprehensive memo at:
> >     http://code.google.com/p/sepgsql/wiki/WhatIsPGACE
> > 
> > [2/4] - sepostgresql-sepgsql-8.4devel-3.patch
> > 
> > This patch provides SE-PostgreSQL facilities based on PGACE.
> > 
> > Security-Enhanced PostgreSQL (SE-PostgreSQL) is a security extension
> > built in PostgreSQL, to provide system-wide consistency in access
> > controls. It enables to apply a single unified security policy of
> > SELinux for both operating system and database management system.
> > In addition, it also provides fine-grained mandatory access which
> > includes column-/row- level non-bypassable access control even if
> > privileged database users.
> > 
> >   Quick overview at:
> >     http://code.google.com/p/sepgsql/wiki/WhatIsSEPostgreSQL
> > 
> > [3/4] - sepostgresql-pg_dump-8.4devel-3.patch
> > 
> > This patch gives us a feature to dump database with security attribute.
> > It is turned on with '--enable-selinux' option at pg_dump/pg_dumpall,
> > when the server works as SE- version.
> > No need to say, users need to have enough capabilities to dump whole of
> > database. It is the same when they try to restore the database.
> > 
> > [4/4] - sepostgresql-policy-8.4devel-3.patch
> > 
> > This patch gives us the default security policy for SE-PostgreSQL.
> > You can build it as a security policy module. It can be linked with
> > the existing distributor's policy, and reloaded.
> > 
> 
> 
> -- 
> OSS Platform Development Division, NEC
> KaiGai Kohei <kaigai@[EMAIL PROTECTED]
>
> 
> -- 
> Sent via pgsql-hackers mailing list (pgsql-hackers@[EMAIL PROTECTED])
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers

-- 
  Bruce Momjian  <bruce@[EMAIL PROTECTED]>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + If your life is a hard drive, Christ can be your backup. +

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@[EMAIL PROTECTED])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
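
The INSTALLATION and SETUP steps quoted above depend on three things being true afterwards: SELinux is active, the policy module is loaded, and the data directory carries the `postgresql_db_t` type. The following check script is an added example, not part of the original posts or the SE-PostgreSQL patches; the function names are hypothetical, and the module name `sepostgresql` is assumed to match the `.pp` file name.

```shell
#!/bin/sh
# Added example: checks for the quoted INSTALLATION/SETUP steps.
# postgresql_db_t, sepostgresql.pp and /opt/sepgsql come from the post;
# function names are hypothetical, and the module name "sepostgresql" is
# assumed to match the .pp file name.

# Print the type field of an SELinux context "user:role:type[:level]".
context_type() {
    printf '%s\n' "$1" | awk -F: 'NF >= 3 { print $3 }'
}

# Succeed if module $1 is named in `semodule -l` output read from stdin.
# The name is the first field; some releases print a version after it.
module_listed() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }'
}

# usage: check_label <context> <expected-type>
# Prints "ok", or "mismatch:<actual type>" and returns 1.
check_label() {
    actual=$(context_type "$1")
    if [ "$actual" = "$2" ]; then
        echo ok
    else
        echo "mismatch:${actual:-none}"
        return 1
    fi
}

# usage (as root): verify_sepgsql_setup /opt/sepgsql
verify_sepgsql_setup() {
    rc=0
    mode=$(getenforce 2>/dev/null) || mode=unavailable
    echo "SELinux mode: $mode"
    # Permissive only logs denials; Disabled means no labels are enforced.
    case $mode in Enforcing|Permissive) ;; *) rc=1 ;; esac
    if /usr/sbin/semodule -l 2>/dev/null | module_listed sepostgresql; then
        echo "policy module: loaded"
    else
        echo "policy module: not loaded"; rc=1
    fi
    ctx=$(stat -c %C "$1" 2>/dev/null) || ctx=
    result=$(check_label "$ctx" postgresql_db_t) || rc=1
    echo "$1 label: $result"
    return $rc
}

if [ "$#" -gt 0 ]; then verify_sepgsql_setup "$1"; fi
```

Run it with the data directory as its argument after the `chcon` step and before `initdb`; a non-zero exit status means at least one of the three checks failed.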
 



