Am 08.05.2022 20:48, schrieb Michael Lazin:
SELinux was made by the NSA but it open source, anyone can review the
source code, this is part of what makes open source software reliable,
it gets seen by many eyes, and even if you don’t review every line
of code yourself you have a web of trust that someone has reviewed it,
and it is strengthened by key signing which is more common in the
Debian community. Thank you.
Michael Lazin
If you talk about SELinux then let me talk about the times when
Apparmor was not a default component to be installed, when I was
creating and sharing Apparmor profiles to keep this technology
supported. Sure, I have also read into SELinux. It can offer a better
level of security, but it is more difficult to create profiles for it.
The thing about rkhunter as I learned to know it was that it can only
detect known rootkits. So who is adding NSA rootkits then? I am sure the
NSA knows to prevent this. It would be nice to know about the circle of
people who add rootkit descriptions/ detection code. Any way, if they
have written the software, they will always know about the quirks and
intricacies to avoid detection when it comes for them to deploy their
own rootkits.