The following PHP script is an example to assign individual security context. A modified version of Apache kicks a child thread for each requirests and assign its security context based on authenticated username via HTTP basic authentication. http://kaigai.myhome.cx/index.php Three users are set up (curry, sushi and noodle) with same password of "selinux", to confirm they have individual security context. No need to say, this script has a vulnerability of SQL injection. It can help to image how SELinux aware LAPP stack protect from web application bugs. (*) The above URL and environment is temporary one, so I'll close it without any notices after a week. :-) Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@xxxxxxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
