Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: sepostgresql - Security-Enhanced PostgreSQL
https://bugzilla.redhat.com/show_bug.cgi?id=249522
------- Additional Comments From kaigai@kaigai.gr.jp 2007-08-28 18:20 EST ------- [SpecURL] http://sepgsql.googlecode.com/files/sepostgresql.spec [SrpmURL] http://sepgsql.googlecode.com/files/sepostgresql-8.2.4-0.434.beta.fc8.src.rp...
(In reply to comment #48)
For example, the PL and -test subpackages Require: postgresql-server, which would mean you'd have to duplicate those as se-specific versions. (Which maybe you have to do anyway, for the PLs ... are they going to be binary-compatible? What about postgresql-contrib?)
The binary-compatibilities strongly depends on the internal implementation. Because SE-PostgreSQL modifies several data structure like HeapTupleHeader to store its security attribute, we cannot share *.so files in binary- compatible. Therefore, these are deployed on "/usr/lib/sepgsql" in the updated version, as the previous one. This manner follows "Library Name Conflicts" in the Conflicts Guidelines.
As you mentioned, when we use any other PL- or contrib modules, these also have to be built for SE-PostgreSQL. However, these are not duplicate ones.
I want the latest one to be reviewed and be put on the next phase again. Thanks,