Re: Turning off SELINUX

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I know SELinux is not about encryption, it is about limiting access to the system AFTER a breach has ocurred. (That is my understanding AFAIK, and that is why I think it is a good idea).
My beef is given the NSA origin of this software, It could very well have a backdoor to turn itself off under the appropriate circumstances like an NSA-sponsored breach an allow unrestricted access to my system..
I know it is a long shot and a lot of paranoid-think, after all, if I have to depend on SELinux to defend my system from external breaches, I am F*ck up already. Attackers should first have to breach the firewall and then obtain some sort of user access, then trick the system to scalate it to a root access before SELinux comes into play. But again, It is good to know that all links in the chain to being pawned are good and strong before trusting them, and this article certainly throws some mud to whatever contribution NSA has made to any security system.

My 2 cents.




On Thu, Sep 5, 2013 at 4:14 PM, Michael Schwendt <mschwendt@xxxxxxxxx> wrote:
On Thu, 5 Sep 2013 15:41:06 -0500, Javier Perez wrote:

> After reading this, I am turning off SELINUX
>
> http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
>
>
> Until I hear of  a thorough code review by a non-USA team of this code, I
> do not feel safe using it, privacy wise.
>
> It's a pity because SELINUX is a good idea.

SELinux is not about encryption, though.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org



--
------------------------------
 /\_/\  
 |O O|  pepebuho@xxxxxxxxx
 ~~~~     Javier Perez
 ~~~~          While the night runs
 ~~~~          toward the day...
  m m       Pepebuho watches
                from his high perch. 
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux