Are there any good examples out there of locking down a webapp's access to a database using SEPostGreSQL and some web language like Ruby on Rails? I looked at Kaigai's and the SELinux Notebook examples for sepgsql policy and it seems to use the types in reference policy instead of creating new types for objects and only provides separation through MCS. It would be nice to go over either an indepth example that uses different types from reference policy or maybe showcases locking down a specific application.
