Interesting - if I skimmed through his README correctly, SELinux is not being used to enforce things, but being queried as a database about whether to allow or to deny specific actions. That is the first time I have seen it used in that way (I assume that that is normally more how the kernel uses it internally).
Posted Dec 4, 2009 22:32 UTC (Fri) by dpquigl (subscriber, #52852)
There currently is at least one more example of this. The base concept is called a user-space object manager. The idea is that an application may have objects that exist outside the OS model that it wants to mediate access over. For instance, an application may store its information in one file, which the OS can label; however, that file is composed of a bunch of application-specific objects. I'm sure KaiGai has a much better description than I can hope to give in his documentation.
In addition to SE-Postgres, work has been done in the X server to provide a framework similar to the LSM framework called XACE (X Access Control Extensions). Just like the LSM framework, you can create modules for XACE, and one for SELinux has been developed. So the X server is acting as the enforcement mechanism, and it queries the kernel security server to ask about access decisions just like SE-Postgres does.
SELinux and PostgreSQL: a worthwhile union?
Posted Dec 7, 2009 2:35 UTC (Mon) by kaigai (subscriber, #12001)
More generally, the Linux kernel also has a similar design. It manages system resources such as files and networks. When a user tries to access these resources, he has to invoke system calls. The kernel has routines to handle system calls, and these routines voluntarily invoke SELinux code (via LSM) to ask whether the required access should be allowed or not. SELinux makes its access control decision and returns it to the caller, and the caller then acts according to that decision.
In this model, we call the component that can provide access control decisions independently of the class of subsystem the "security server".
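The split described in the two posts above (dpquigl's user-space object manager mediating objects the OS cannot see inside one file, and kaigai's security server that only computes decisions while the caller enforces them) as an added Python example. This is not code from SE-PostgreSQL, libselinux, or any of the posters: the policy rules, the contexts, the `db_table`/`db_column` classes and the `TinySecurityServer` are constructed stand-ins for the kernel's security server. On a real system the object manager would make the same query through libselinux's `avc_has_perm()` (or `selinux_check_access()` in newer releases), which talks to the kernel's security server via the `access` node of selinuxfs; the labeling of sub-file objects, the decision cache and the enforcement stay in the application exactly as modeled here.

```python
"""Toy user-space object manager in the SE-PostgreSQL style.

Constructed example: policy, contexts and the security server are stand-ins.
The enforcing side (LabeledDatabase) never interprets policy itself; it only
asks "may scontext do perm on tcontext of class tclass?" and acts on the answer.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

# --- security server side --------------------------------------------------
# Type-enforcement allow rules: (source type, target type, class) -> permissions.
# db_table / db_column are application-defined classes, not kernel ones.
POLICY_V1 = {
    ("staff_t",   "public_table_t",  "db_table"):  {"select", "insert", "update"},
    ("staff_t",   "public_column_t", "db_column"): {"select", "insert", "update"},
    ("auditor_t", "public_table_t",  "db_table"):  {"select"},
    ("auditor_t", "public_column_t", "db_column"): {"select"},
    ("auditor_t", "secret_column_t", "db_column"): {"select"},
}

def type_of(context: str) -> str:
    """Type field of a user:role:type[:level] context string."""
    return context.split(":")[2]

class TinySecurityServer:
    """Stand-in for the kernel security server: computes access vectors, nothing else."""
    def __init__(self, rules):
        self.rules, self.seqno = rules, 1
    def compute_av(self, scon, tcon, tclass) -> Tuple[FrozenSet[str], int]:
        key = (type_of(scon), type_of(tcon), tclass)
        return frozenset(self.rules.get(key, ())), self.seqno
    def load_policy(self, rules):
        self.rules, self.seqno = rules, self.seqno + 1   # seqno bump = policy reload

# --- object manager side ---------------------------------------------------
class AccessVectorCache:
    """Decision cache like libselinux's AVC; flushed when the server's seqno moves."""
    def __init__(self, server):
        self.server, self.cache, self.seqno, self.misses = server, {}, server.seqno, 0
    def has_perm(self, scon, tcon, tclass, perm) -> bool:
        if self.seqno != self.server.seqno:
            self.cache.clear()
            self.seqno = self.server.seqno
        key = (scon, tcon, tclass)
        if key not in self.cache:
            self.misses += 1                      # round trip to the security server
            self.cache[key], _ = self.server.compute_av(scon, tcon, tclass)
        return perm in self.cache[key]

@dataclass
class Column:
    name: str
    label: str                # security context stored next to the data
    values: List[object]

@dataclass
class Table:
    name: str
    label: str
    columns: Dict[str, Column]

class LabeledDatabase:
    """The object manager: one file to the OS, but every table and column inside
    carries its own label and every access is mediated here."""
    def __init__(self, avc):
        self.avc, self.tables, self.audit = avc, {}, []
    def check(self, scon, tcon, tclass, perm):
        if not self.avc.has_perm(scon, tcon, tclass, perm):
            self.audit.append(f"avc: denied {{ {perm} }} scontext={scon} "
                              f"tcontext={tcon} tclass={tclass}")
            raise PermissionError(f"{perm} on {tclass} {tcon}")
    def select(self, scon, table, cols):
        t = self.tables[table]
        self.check(scon, t.label, "db_table", "select")      # table-level check
        for c in cols:                                       # then each column
            self.check(scon, t.columns[c].label, "db_column", "select")
        return {c: t.columns[c].values for c in cols}

def demo():
    """Walk through allow, deny, cache hit and policy reload; returns a summary."""
    server = TinySecurityServer(POLICY_V1)
    db = LabeledDatabase(AccessVectorCache(server))
    db.tables["employees"] = Table("employees", "system_u:object_r:public_table_t", {
        "name":   Column("name",   "system_u:object_r:public_column_t", ["ann", "bob"]),
        "salary": Column("salary", "system_u:object_r:secret_column_t", [100, 120]),
    })
    staff, auditor = "staff_u:staff_r:staff_t", "audit_u:audit_r:auditor_t"
    out = {"staff_name": db.select(staff, "employees", ["name"])}
    try:
        db.select(staff, "employees", ["name", "salary"])
        out["staff_salary"] = "allowed"
    except PermissionError:
        out["staff_salary"] = "denied"
    out["auditor_salary"] = db.select(auditor, "employees", ["salary"])
    out["misses_before"] = db.avc.misses
    db.select(staff, "employees", ["name"])                  # served from the AVC
    out["misses_after_repeat"] = db.avc.misses
    v2 = dict(POLICY_V1)                                     # reload: staff may now read secrets
    v2[("staff_t", "secret_column_t", "db_column")] = {"select"}
    server.load_policy(v2)
    out["staff_salary_v2"] = db.select(staff, "employees", ["salary"])
    out["denials"] = len(db.audit)
    return out

if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The point to notice is that `LabeledDatabase` holds labels and enforces, while `TinySecurityServer` holds rules and decides; swapping the toy server for the real kernel is a change only inside `AccessVectorCache.has_perm`, which is where libselinux's AVC sits in SE-PostgreSQL and in the XACE SELinux module.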
SELinux and PostgreSQL: a worthwhile union?
Posted Dec 10, 2009 10:29 UTC (Thu) by michaeljt (subscriber, #39183)
And here I take it that the database is the equivalent of the filesystem, with the SELinux labels stored inside it associated with the parts of the database they relate to?