
Re: ifupdown writes to /etc... a bug?



On Wed, 2 Apr 2003 15:58, Tommi Virtanen wrote:
> On Sun, Mar 23, 2003 at 12:27:54AM +0100, Russell Coker wrote:
> >                                       One thing to consider is that
> > increasing complexity is the enemy of security.
>
> 	Heh. And how do you rationalize pushing SE Linux, which tends
> 	to accumulate huge policies bordering on human comprehension?

SE Linux is based on the LSM interface which only permits restrictive 
controls.  SE Linux cannot allow an operation that is otherwise denied by 
Unix permissions.

Therefore if SE Linux goes wrong the worst-case scenario is that the machine 
is equally secure as a machine running a regular Linux kernel.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


