Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: sepostgresql - Security-Enhanced PostgreSQL
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522
------- Additional Comments From kaigai@kaigai.gr.jp 2007-08-18 14:54 EST ------- SpecURL: http://sepgsql.googlecode.com/files/sepostgresql.spec SrpmURL: http://sepgsql.googlecode.com/files/sepostgresql-8.2.4- 0.427.beta.fc8.src.rpm
The SE-PostgreSQL package is updated. It contains the following fixes.
1. A bug in the sepostgresql security policy module was fixed. An administration domain could execute a function with sepgsql_user_proc_t. The policy developer intend to deny it.
2. A script in the specfile was fixed. The name of the SELinux object classes are changed. We appanded "db_" prefix onto any object classed related to SE-PostgreSQL while we have a discussion in the selinux-list. Therefore, "SECCLASS_DATABASE" is also renamed to "SECCLASS_DB_DATABSE", and a script to calculate its value in %build section is changed.
3. sepostgresql-pg_dump-renaming.patch is added pg_dumpall calls pg_dump internally, however, SE-PostgreSQL package installs an enhanced pg_dump(all) as sepg_dump(all) to avoid confliction with the native postgresql package. This small patch enables sepg_dumpall to use sepg_dump.