Peter Magnusson wrote:
On Thu, 23 Jun 2005, Stephen Smalley wrote:
But remember that SELinux is:
- upstream (in the mainline Linux 2.6 kernel),
When was SELinux included in the mainline Linux 2.6, what version?
2.6.0 IIRC
- open source (kernel code and userland and policy),
- a truly community-based project (with significant contributions by
external developers and users) ever since its initial release by the NSA
in 2000,
I feel that its interesting that NSA, famous for spying on other
nations, is helping to make linux more secure. Isnt that
counterproductive? :)
NSA has two main missions. See their site
http://www.nsa.gov/home_html.cfm
<snip>
Im sure NSA would love to have backdoor to SELinux if someone with evil
reasons (what NSA thinks is evil) uses SELinux. Since SELinux is open
source it cant be something obviously because it will be found very
quickly. Must be something that its really, really well hidden.
Think about it... It is probably the most examined code in the whole
open source world. "many eyes" carried to the extreme!
I guess you have heard opinions like this before :)
It was the first things I thought about when I first heard about SELinux
several years ago.
Just because you are paranoid doesn't mean someone is not out to get you.
Richard
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
