Trent W. Buck <[email protected]> wrote: > Robin Humble <[email protected]> writes: > > Android 4.3 has started using selinux. do we really trust android > > vendors to be on top of complex selinux configs or would we be better > > off with it err, off? > > If you're running Frobozz distro and you don't trust Frobozz, Inc. to > get security right, maybe you should pick a different distro.
Agreed. further, turning SELinux off is going to make security worse, because in that case no mandatory access controls are applied at all. Even if there's a bug in a policy that permits an operation which should not be allowed, the policy is still going to prevent numerous other potentially undesirable accesses. _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
