[CentOS] SELinux - way of the future or good idea but !!!

Leonard den Ottolander leonard at den.ottolander.nl
Tue Nov 30 06:54:57 EST 2010


Hello John,

On Tue, 2010-11-30 at 02:12 -0800, John Doe wrote:
> From: Les Mikesell <lesmikesell at gmail.com>
> > why are you  putting blind faith in the SELinux code?

The SELinux restrictions are a much bigger hurdle to take for a buffer
overflow exploit than setting a "safe" uid.

> Because it comes from the NSA!
> The backdoor experts... ;P

> PS: joking of course, the NSA would never do anything bad...

This of course was a serious concern by any of the early adopters. It
has been discussed in length on various mailing lists. But since the
code is available it can and has been audited. Unless of course the
Linux developers are collaborating with the NSA to take over your
computer and they slipped us a mickey.

Regards,
Leonard. 

-- 
mount -t life -o ro /dev/dna /genetic/research




More information about the CentOS mailing list