Marko Randjelovic: > SELinux security benefits are vague because it makes possible to > use it's hooks to add a backdoor which would be nearly impossible > to detect: > > https://www.rsbac.org/documentation/why_rsbac_does_not_use_lsm > https://grsecurity.net/lsm.php
SELinux, AppArmor, Smack and Tomoyo are using the Linux Security Module (LSM) framework. I am aware of the claims made by grsecurity regarding LSM, but I do not agree with several of them. > Consider alternatives like PaX/grsecurity and RSBAC. Both seem to be compatible with SELinux. Cheers, Andreas -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
