
Hi all,

as you may know, there is a "QuadRooter" exploit for most of the available Android devices:
https://www.checkpoint.com/downloads/resources/quadRooter-vulnerability-rese...

Among others, it is possible to exploit because it is possible to disable SELinux (page 10).

After years of using FreeBSD and securing them, I was astonished when I saw someone disabling SELinux for the first time. How could that be?

I am used to securelevels in FreeBSD, see security(7):
https://www.checkpoint.com/downloads/resources/quadRooter-vulnerability-rese...

The kernel runs with five different security levels. Any super-user process can raise the level, but no process can lower it. chflags(1) is used to harden access to files; with securelevel 1 or higher it is not possible to alter them either (in contrast to SELinux, where I can change the security contexts of files on a running SELinux-hardened system).

The current exploit is a fine example of why this kind of approach is needed. No process should be able to disarm a hardened system.

Linux containers do not seem to give too much additional security, so it is always recommended to use SELinux to increase security. It sometimes feels like a "better than nothing" trap, giving a false sense of security.

Should SELinux be reworked so that disarming is not possible?

Regards
Peter
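The post contrasts two hardening models: a FreeBSD securelevel that no process can lower once raised, plus chflags(1) immutable flags that securelevel 1 or higher locks in place, versus an SELinux enforcement state that root can switch off at runtime. The following audit script is an added example written for this thread; it is not code from Peter's post, from FreeBSD, or from the SELinux project. It checks which of those states a host is actually in: on FreeBSD it reads kern.securelevel and verifies that a set of files carries the schg flag, on Linux it reads the live SELinux enforce value. The list of files expected to be schg-protected is an assumed local policy, and the `ls -lo` field layout (flags in the fifth column) is FreeBSD's.

```shell
#!/bin/sh
# Added example, not part of Peter's post: audit helper for the
# securelevel/chflags hardening model described above. The list of
# files expected to carry the schg flag is an assumed policy.

# Pure check: does this kern.securelevel value already stop the schg and
# sappnd flags from being cleared? Per security(7), securelevel >= 1 does.
level_locks_flags() {
    [ "$1" -ge 1 ] 2>/dev/null
}

# Pure check: does one line of FreeBSD `ls -lo` output carry the schg flag?
# `ls -lo` prints the flags as the fifth field, e.g. (constructed line):
#   -r--r--r--  1 root  wheel  schg 188 Aug 10 09:00 /boot/loader.conf
# A file without flags shows "-" in that field; several flags are comma-separated.
line_has_schg() {
    set -- $1          # split the ls line into fields (unquoted on purpose)
    flags=$5
    case ",$flags," in
        *,schg,*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Pure check: the value read from /sys/fs/selinux/enforce on a Linux host.
# "1" means enforcing, "0" means permissive (root can flip it with setenforce).
selinux_value_enforcing() {
    [ "$1" = "1" ]
}

# Live audit of a FreeBSD host. Returns 0 only if securelevel locks flags and
# every listed file is immutable; prints one line per finding.
audit_freebsd() {
    rc=0
    level=$(sysctl -n kern.securelevel)
    if level_locks_flags "$level"; then
        echo "OK   kern.securelevel=$level (schg files cannot be unlocked)"
    else
        echo "WARN kern.securelevel=$level (root can still run chflags noschg)"
        rc=1
    fi
    # Assumed policy: these files are expected to be schg-protected.
    for f in /boot/kernel/kernel /boot/loader.conf /etc/rc.conf /etc/login.conf; do
        [ -e "$f" ] || continue
        if line_has_schg "$(ls -lo "$f")"; then
            echo "OK   $f is schg"
        else
            echo "WARN $f is not schg (fix: chflags schg $f)"
            rc=1
        fi
    done
    return $rc
}

# Live audit of a Linux host: is SELinux actually enforcing right now?
audit_linux() {
    if [ -r /sys/fs/selinux/enforce ]; then
        v=$(cat /sys/fs/selinux/enforce)
        if selinux_value_enforcing "$v"; then
            echo "OK   SELinux enforcing"
            return 0
        fi
        echo "WARN SELinux present but not enforcing (enforce=$v)"
        return 1
    fi
    echo "WARN SELinux not available on this kernel"
    return 1
}

# Run the audit that matches the running kernel.
if [ "$(uname -s)" = FreeBSD ]; then audit_freebsd; else audit_linux; fi \
    || echo "audit found problems"
```

The two pure functions carry the logic and take their input as arguments, so they can be exercised with constructed `ls -lo` lines on any system; only `audit_freebsd` and `audit_linux` touch the live host. Note the asymmetry the post is about: a WARN from `audit_freebsd` at securelevel 0 can be fixed by raising the level and then cannot regress without a reboot, whereas an OK from `audit_linux` only describes the current moment.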