Any secure system needs to be configured correctly to best serve the needs of users and the business. Previously, I've covered AppArmor and MySQL, and more recently SELinux and MySQL. To round out a healthy trio on running MySQL in environments with mandatory access control, Glenn Faden has written a post on Oracle Solaris Extended Policy and MySQL.
Extended Policy is a feature of Solaris that allows you to assign named privileges on resources—such as ports and files—to services. I'm not hugely familiar with Extended Policy (or Solaris for that matter), but according to Glenn it's similar to SELinux[Read more...]