SELinux / SEPostgreSQL users: There are some proposed improvements in the 2013-01 commitfest that might go into PostgreSQL 9.3 – but only if you help.
Interested users are needed to try out the following patches and report back with their experiences if you want to see these changes in 9.3:
The patches are:
Add a new event type of object_access_hook named OAT_POST_ALTER. This allows extensions to catch controls just after system catalogs are updated. Patch also adds sepgsql permission check capability on some ALTER commands, but not all.
http://commitfest.postgresql.org/action/patch_view?id=1003
This patch adds sepgsql support for permission checks equivalent
to the existing SCHEMA USE privilege:
http://commitfest.postgresql.org/action/patch_view?id=1065
This patch adds sepgsql support for permission checks almost
equivalent to the existing FUNCTION EXECUTE privilege:
http://commitfest.postgresql.org/action/patch_view?id=1066
This patch adds sepgsql the feature of name qualified creation label:
http://commitfest.postgresql.org/action/patch_view?id=1064
If you’re interested in SELinux, please glance at the discussion linked to in those patch entries, then grab a patch and try it out as per the reviewer guidelines: