SELinux and PostgreSQL: a worthwhile union?

"The SE-PgSQL patch has struggled to get into the PostgreSQL mainline; it is now preparing for what may well be its last push to be merged. Whether it's successful may, in the end, depend on whether it receives support from potential users.

"SELinux works by attaching labels to objects and roles to actors, then enforcing rules describing what sort of access to objects with specific labels is allowed to specific roles. It is a highly flexible system, but also highly complex; even a minimal SELinux policy can involve thousands of rules. The complexity of SELinux has almost certainly inhibited its adoption in the broader Linux community; when SELinux gets in the way of real work, figuring out how to fix it can be a nontrivial task. Over the years, many administrators have concluded, like Ted Ts'o, that "life is too short for SELinux."

"That said, Fedora and Red Hat have slowly made progress in using SELinux to confine parts of the system without creating too much user pain. And there is certainly a place for more comprehensive security models in general. But once one starts protecting data at the filesystem level, it makes sense to ask whether data which is accessed through higher-level mechanisms - a relational database manager, say - should also be subject to the system's security policies. In an ideal world, the same security policy would be operative at all levels."

Complete Story

Related Stories:

• Fedora 12 vs. Ubuntu 9.10 Benchmarks(Nov 05, 2009)
• Cool things with SELinux... Introducing sandbox -X(Sep 17, 2009)
• Secure Virtualization Using SELinux (sVirt)(Aug 25, 2009)
• The Cost of SELinux, Audit, & Kernel Debugging(Aug 13, 2009)
• A Linux security story(Jul 17, 2009)
• Linux kernel design patterns - part 2(Jun 30, 2009)