Bug #27549 SELinux Support including MLS (Multi-Level Security) policy
Submitted: 30 Mar 2007 13:17
Reporter: Nils Hammar Email Updates:
Status: Open Impact on me:
None 
Category:MySQL Server: General Severity:S4 (Feature request)
Version: OS:Linux (Linux)
Assigned to: CPU Architecture:Any

[30 Mar 2007 13:17] Nils Hammar 
Description:
One feature that may be for the most extreme users is support for MLS (Multi-Level Security).

This may be very hard to implement, and I'm not expecting to see it soon. Implementing this will be hard, since this will require a new set of attributes that controls the data access. Example: Retrieving a single record may be OK at a low level clearance, but retrieving many records may require a much higher clearance level. This means that there has to be several considerations regarding how data is both entered and retrieved.

It will also be necessary to have audit logging of data insertions, deletes and updates too.

This will definitely require MySQL to be SELinux aware.

And even if this may be feasible for SELinux, there are several other operating systems around too that has to be supported in this case.

At least, this is one idea that could be on the wishlist for the next century :-)

How to repeat:
N/A
[14 Feb 2014 9:23] Daniƫl van Eeden 
SEPostgreSQL seems to be one of the only implementations of SELinux/MLS in a RDBMS:
http://wiki.postgresql.org/wiki/SEPostgreSQL_Introduction