Jason White <jason@jasonjgw.net> writes:
Trent W. Buck <trentbuck@gmail.com> wrote:
Robin Humble <rjh+luv@cita.utoronto.ca> writes:
Android 4.3 has started using selinux. do we really trust android vendors to be on top of complex selinux configs or would we be better off with it err, off?
If you're running Frobozz distro and you don't trust Frobozz, Inc. to get security right, maybe you should pick a different distro.
Agreed. further, turning SELinux off is going to make security worse, because in that case no mandatory access controls are applied at all. Even if there's a bug in a policy that permits an operation which should not be allowed, the policy is still going to prevent numerous other potentially undesirable accesses.
Having said that, if he's concerned about SELinux complexity, he should compile Linux without SELinux (rather that compiling it in and then disabling it) -- or run a simpler kernel entirely (e.g. OpenBSD's).