> Anyone seen this? What a joke! Well for the Government i suppose that
> this is the best that they can do with 1.2 billion-trillion tax dollars. I
> mean if you want something secure use OpenBSD or MacOS!!!!!! anyway - check
> it out
>
> http://www.nsa.gov/selinux/download.html
>
> I like their use of wu-FTP as their "secure ftp server. :-)
Of course, you've carefully examined what SELinux does, and how it
operates? I can tell not. SELinux is not about audit, but about the
design of a system to be secure in the face of errors. Specifically it is
about a means to structure access (via policies), that allows you to
remove root access entirely!
Yes, I've seen it, I'm on the mailing list, I actually understand
security. It's more than just audit. Much more. Audit will fix holes.
This will enable you to be secure despite holes.
Suggest you check out the links there (http://www.nsa.gov/selinux), as well as:
http://www.niap.nist.gov/cc-scheme/
http://csrc.nist.gov/publications/secpubs/rainbow/
and educate yourself on security.
(BTW: the FTP server is NOT part of SELinux, which is only concerned with
adding the policy pieces to the kernel, and adding the user-space tools to
manage policy).
jeff
-----------------------------------------------------------------------
Jeffry Smith Technical Sales Consultant Mission Critical Linux
[EMAIL PROTECTED] phone:603.930.9739 fax:978.446.9470
-----------------------------------------------------------------------
Thought for today: payware /pay'weir/ n.
Commercial software. Oppose
shareware or freeware.
>
> ~kurth
>
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
>
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
