On Mon, 11 Oct 2004 17:53:13 PDT, Tom Mitchell said:

> Since Temlakos mentioned building a database what model of data
> management should he consider.
>
> On the surface SELinux could put a fence around the database and data
> but if the database had data that rightly belonged in multiple domains
> I suspect he has a problem that is not clearly addressed by tossing
> SELinux into the pot.

Well, if his application is well behaved, he can at least ensure that any access to the data in the backend store can only be accessed via means mediated by the application's access control mechanisms. In other words, no trawling the database by using 'strings' (or a more sophisticated program to read Sleepycat/mysql/oracle/whatever formats)....

If there's data from multiple security domains inside the database, then of course the database will have to do its own work there.

Didn't somebody have a patch/code/trick for getting an Apache server to change contexts when it ran different CGIs, or am I hallucinating? That sounds like it might be applicable here (although I seem to remember it being shot down or died of bit-rot as things evolved)....