
From: "Jason White" <jason@jasonjgw.net>
Robin Humble <rjh+luv@cita.utoronto.ca> wrote:
...it didn't really, but... is anyone still a selinux fanboi after the recent NSA revelations?
if so then (Russell, I'm looking at you :-) why are you still confident selinux is a good thing and not just something designed to be so complex or so subtly buggy that the NSA can hide backdoors in it?
The code has been worked on extensively by people who are not associated with the NSA, so at this point I'm not concerned that it harbours intended vulnerabilities. Also remember that SELinux adds to the security of a system: the Linux discretionary access controls are checked first. Only if the operation is allowed is SELinux invoked to apply the security policy.
That's correct. But I still need additional layers being reliable, otherwise it just adds a false sense of security. At least in the server I rather rely on containers. The FreeBSD jail implementation is completely done in the kernel without further userland configuration. According to Robert Watson he needed to change/add ca. 600 lines to implement it, that is clearly easier to audit than the complex SELinux rules. At the same time it contains services pretty well.

As for Androids etc. - I would not trust them as far as I can throw them.

I wonder whether people are interested in a "connection fob" which is giving you the functionality of a wireless modem, phone connectivity and GSM, as well as contains and hides devices behind it. It would improve our security and privacy significantly if that little thing is open-source and has practical mechanical switches to enable/disable connectivity, I believe. Behind it, a phone is a (IP) phone and a tablet is a tablet and a computer a computer and they all do not rely on plenty of closed source drivers etc because they do not need to implement the connectivity functions anymore. And the data exchange between them is tightly controlled. The connection fob would be the most useful "smartwatch" I could imagine.

Regards
Peter