Re: NSA software in Debian
Marko Randjelovic:
> SELinux security benefits are vague because it makes possible to
> use it's hooks to add a backdoor which would be nearly impossible
> to detect:
>
> https://www.rsbac.org/documentation/why_rsbac_does_not_use_lsm
> https://grsecurity.net/lsm.php
SELinux, AppArmor, Smack and Tomoyo are using the Linux Security
Module (LSM) framework.
I am aware of the claims made by grsecurity regarding LSM, but I do
not agree with several of them.
> Consider alternatives like PaX/grsecurity and RSBAC.
Both seem to be compatible with SELinux.
Cheers,
Andreas
Reply to: