10 Sep
2013
10 Sep
'13
3:06 p.m.
On Tue, Sep 10, 2013 at 05:50:10PM +1000, Jason White wrote:
Robin Humble <rjh+luv@cita.utoronto.ca> wrote:
have there been many (any?) real world examples of selinux stopping attacks? yes. red Hat has documented them. There was an article published in which Red Hat noted that a significant proportion of vulnerabilities in Red Hat Enterprise Linux were such that SELinux restrictions would provide real protection
I can find only 2 hypothetical successful defences from about 2008. one samba bug and one obscure printer daemon. weighed up against the 1 vulnerability selinux caused, I guess that it's slightly ahead. that list isn't a ringing endorsement though... is there a better list somewhere? cheers, robin