[CentOS] SELinux - way of the future or good idea but !!!

m.roth at 5-cent.us m.roth at 5-cent.us
Tue Nov 30 10:32:26 EST 2010


Ben McGinnes wrote:
> On 30/11/10 10:54 PM, Leonard den Ottolander wrote:
>> On Tue, 2010-11-30 at 02:12 -0800, John Doe wrote:
>>
<snip>
> As you say, it was eventually determined that the NSA did not insert
> anything dodgy in the code to give them access.  They only did two

I dunno, selinux is pretty dodgy....

> things which caused a certain amount of questioning, to a greater or
> lesser extent:
<snip>
> 2) In spite of many requests, they refused point blank to incorporate
> encryption in any of the enhancements.
>
> The reason for the second one is pretty obvious, though, they know
> that SELinux would be (and is) used by non-Americans and they don't
> want to protect foreign secrets, they want to discover them.

Um, not quite: there *are* export controls on encryption, and even if they
wanted it, they couldn't.

       mark



More information about the CentOS mailing list