Re: SELinux removed from desktop cd spin?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-01-17 at 15:53 +0100, Valent Turkovic wrote:

> Are you actually hoping to really protect from real threats? Not even 
> SElinux can protect from rootkits.

Um ... yes, it can.

Russel Coker for many years has run an SELinux enabled server on the
open Internet ... with an openly published root password.  In all those
years, with full root access, not one single crack attempt has
succeeded.

> A quick googleing showed that security experts see SELinux like a 
> backdor and as a problem just waiting to happed, and they suggest 
> UNINSTALLING SElinux!
> 
> "As a final note, I follow the logic of the grsecurity team, who claim 
> that LSM and SELinux are backdoors waiting to happen."

One could just as easily say (as if it were an actual argument):

        "As a final note, I follow the logic of the NSA and Red Hat
        security experts, who claim that grsecurity is a backdoor
        waiting to happen"

I'm not going to go taking shots at the grsecurity team, who have spent
many years attacking SELinux (which "competes" with their "solution".)
They clearly have a biased opinion

But when it comes to who knows how to implement IT security, I'll take
the US's National Security Agency over just about any group in the
history of the world.

In the "fantasy football" of NSA v. grsecurity team, I wonder who wins?

-- 
Karsten Wade, Developer Community Mgr.
Dev Fu : http://developer.redhatmagazine.com
Fedora : http://quaid.fedorapeople.org
gpg key : AD0E0C41

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux