Re: OBSD's perspective on SELinux

Sat, 22 Sep 2007 09:39:51 -0700 

On 9/23/07, Jason Dixon <[EMAIL PROTECTED]> wrote:
> On Sep 22, 2007, at 12:00 PM, Darrin Chandler wrote:
>
> > On Sat, Sep 22, 2007 at 11:34:33AM -0400, Douglas A. Tutty wrote:
> >> Linux has SELinux in its 2.6 kernel and debian has gone ahead and
> >> compiled SELinux into the libraries, although the SELinux policies
> >> aren't ready on debian yet.  The whole focus seems to be to make
> >> Linux
> >> "more secure".  I'm not sure what to make of it.  I figure that if
> >> you
> >> want secure, you switch to OBSD.
> >>
> >> Could someone who knows both the details of OBSDs security
> >> enhancements
> >> and the details of SELinux comment?
> >
> > I don't know all the details, and especially not the SELinux details,
> > but that won't stop me from commenting.
> >
> > Not long ago I was talking with a Linux person about security, and
> > they
> > pointed me to a set of patches that did a lot of nifty stuff. Good
> > stuff, like the things you find OpenBSD doing. But it's not in the
> > mainline kernel, it's a set of patches.
> >
> > Security should not be grafted on, it should be integrated into the
> > main development process.

yes you're right. Although that point no longer holds. SELinux is more
or less "official" now. But for a looong (long) time, it was pretty
apparent what the focus of the developers was *not* on.... And even
now so.... (IMO)


> > I'm sure the patch maintainers are doing
> > their
> > best, but this doesn't change the fundamental flaw in the process.
> > It's
> > not a flaw of their making, it's inherent in the situation. But it's
> > still a flaw.
> >
> > Compare that to a complete operating system (OpenBSD) where
> > security is part of
> > code quality, and part of the normal mainline development.
>
> If I could add one thing to Darrin's comment (of which I agree
> completely), it would be this:
>
> SELinux is a button.  Buttons are easy to turn off.
>

button, yes. The scary (or "interesting", depending on how you see it)
bit is that there is a whole infrastructure (LKM) behind it making it
easy(?) to create, and plug in your own buttons to do your own funky
stuff...


-jf

--
In the meantime, here is your PSA:
"It's so hard to write a graphics driver that open-sourcing it would not help."
    -- Andrew Fear, Software Product Manager, NVIDIA Corporation
http://kerneltrap.org/node/7228

Reply via email to