[CentOS] SELinux - way of the future or good idea but !!!

Tue Nov 30 15:32:26 UTC 2010
m.roth at 5-cent.us <m.roth at 5-cent.us>

Ben McGinnes wrote:
> On 30/11/10 10:54 PM, Leonard den Ottolander wrote:
>> On Tue, 2010-11-30 at 02:12 -0800, John Doe wrote:
>>
<snip>
> As you say, it was eventually determined that the NSA did not insert
> anything dodgy in the code to give them access.  They only did two

I dunno, selinux is pretty dodgy....

> things which caused a certain amount of questioning, to a greater or
> lesser extent:
<snip>
> 2) In spite of many requests, they refused point blank to incorporate
> encryption in any of the enhancements.
>
> The reason for the second one is pretty obvious, though, they know
> that SELinux would be (and is) used by non-Americans and they don't
> want to protect foreign secrets, they want to discover them.

Um, not quite: there *are* export controls on encryption, and even if they
wanted it, they couldn't.

       mark