Re: SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> No security at all is pretty insecure (obviously)

Surprisingly that isn't always the case. A situation where there is known
to be no system security will often mean the other systems adapt
appropriately. Email for example provides no security, because of that
other things adapt to cope, including behaviour.

The end result at a higher level can still be secure. "I know this
machine is probably untrusted so I won't log in via it" and "I'll phone
my card details instead" are both secure results.

> involved security systems are likely to be not very secure (because they
> contain large numbers of defects and/or because they are too hard to
> manage effectively).  In between those extremes, though, the smooth
> relationship breaks down.  There's no "optimal" level of complexity
> because of dependencies on environmental conditions.

The environment is variety that needs to be absorbed. It would seem to be
its interactions with the environment (user included) that determine the
variety of inputs permissible and thus the complexity.

This is why a cashpoint has minimal interface. It is why a lot of
industrial control and military systems do one job. It is why basic
firewalls are simple. User desktops that work on the "you may only run
the exact listed commands, which may use the exact listed files, and run
each other in the exact listed way" have been done, but while they work
for certain things (eg fixed purpose front desks) they tend to annoy the
hell out of anyone else. When you generalise them by making the
categories broad you get the Android model which works for certain
limited phone cases but even then is not really up to more complex stuff.

The firewall case is a good one. A simple firewall reduces the whole
security model to a very simple set of questions. When you try to do
complex analysis of attacks patterns and detect stuff like post break-in
suspicious activity the code in question explodes in complexity at amazing
speed.

SELinux is the same - login/password is easy, beyond that the complexity
of a general purpose desktop is massive

Alan
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux