Am 05.01.2015 um 07:21 schrieb Martijn Dekkers:
There are several areas where there are
significant legal requirements around disallowing the concept of a root
/ UID 0 user to have overriding access. Please be advised that SELinux
was built by the NSA *specifically* to be able to meet these legal
requirements.
Root *can* disable SELinux. It may require a reboot, but updating the
kernel also requires a reboot, thus it happens every other month anyway.
Am 05.01.2015 um 18:29 schrieb Rainer H. Rauschenberg:
Admin has to take ownership of the file to change
permissions and can't give back ownership to the original owner, so the
manipulation can be traced back to him (his account).
Windows Admin *can* set ownership to any arbitrary user.
Also there are lots of other ways to access data. There is only one way
to hide data from admins: encrypt it.
Reliable separation of processes requires hardware-support, i.e.
virtualization, see for example qubes-os.org
The effectiveness of pure software methods is always limited. They can
be useful, this depends on your threat model.
Klaus
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
