I think I speak for the average Linux user when I say:

What are you talking about?

Label? Context? These are not Unix concepts. SELinux has secretly replaced my Unix system
with Folger's Crystals. Let's see if anyone notices.

You say "You can probably imagine several ways that symlinks can be used to trick postgres
into doing something that wasn't intended." Actually, I cannot think of any such thing. Can
you perhaps explain to me how an adversarial symlink would have magically appeared in
/var/lib/pgsql under the traditional Unix security model? Keep in mind that this directory is
owned drwx------ postgres postgres.

The question posed in the article was whether SELinux should be enabled by default. If your
comment is any indication, SELinux is from another galaxy, and definitely should not be
enabled by default for people who were under the impression that they were using Linux. If
there are customers who are insisting on this foreign access control system, then they are
probably smart enough to turn it on.