On Fri, 2004-02-27 at 07:54, Leonard den Ottolander wrote: > How well scrutinized is this NSA code actually? Everybody can see they > won't slip in an obvious backdoor, but how about nasty little overflows, > tucked away deep inside the code, for which they already have exploits > in their drawer? The SELinux kernel module went through the usual review process on lkml. Further code audit of the SELinux userland patches and new userland packages is certainly welcome; we are certainly capable of making mistakes too, but no, there is no intentional introduction of vulnerabilities. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
