On May 24, 2005, at 4:04 AM, Peter Farrow wrote:
> Maybe so... and if it works for you then use it, but sometimes when
> people say? "but we needed this or we needed that",? they haven't
> allways sat down and thought "why do we need it" or "do we really
> 'need' this ?"
>
> Even having worked on government classified networks I have *never*
> seen an instance where the standard access controls offered by
> Linux/Unix didn't do what was required.
>
> Often DAC/MAC setups leads to inferior security because they can get
> very complex to setup, and the term "can't see the wood for the trees"
> springs to mind.
>
> As is most often the case the best security is the simplest, and
> DAC/MAC bloat doesn't help in any way.
I'm in agreement with you here. Nothing good can be had by throwing
additional code at an already complex problem. I understand the need
for MAC-type granularity, but SELinux is a bolt-on "solution" that
causes as many problems as it solves. The answer lies in simplicity.
If the solution cannot be found within the current design, then the
current design is broken. Folks should not be afraid to change the
UNIX permissions paradigm just because it's been the status quo for
decades.
Funny anecdote:
I was giving a lightning talk at a Linux Security mini-conference in PA
a couple months back. Marcus Ranum (of Nessus fame) was also speaking
there. The overwhelming majority of speakers and attendees were
pro-SELinux, as there was a lot of overflow from the DC SELinux
conference the week before. Marcus is a very agnostic fellow who will
tell you that all operating systems suck at one thing or another. It
was funny catching glances of him shaking his head and grimacing as
folks extolled the virtues of SELinux on Linux PDA's. :)
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
