Inside SELinux on Fedora Core 3
Posted Oct 8, 2004 14:12 UTC (Fri) by erich
Parent article: Inside SELinux on Fedora Core 3
One of the big problems of SELinux (and any other process-based access control system, including Unix access rights) and Java (and any other VM system, designed to run applications inside a big process, including libapache-mod-perl and PHP) is that it cannot tell the difference between the different users owning the applications or the applications themselves.
For SELinux (or Unix...) the applications are still the calling apache (or tomcat, whatever), running in the apache domain, using the apache userid (www-data etc. usually).
This is a big problem with Java, PHP & Co. If you want to build a secure system you'll want to run every application in a separate domain. Big VMs make this way too slow.
Unless someone comes up with a way of having Java or PHP being a service and cheap (= little memory, little startup) slave daemons that run in separate security contexts, I will avoid using these.
In fact, shared libraries solve this mostly for C applications.
Of course, for important apps you can run your own Java VM or PHP daemon using FastCGI to get the security back.
Or you can try to compile Java apps using gcj.