[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Making SELinux standard for etch

On Thu, Oct 12, 2006 at 02:12:54PM +0100, Ian Jackson wrote:
> Indeed, if you're willing to take my word as a computer security
> expert[1] for it, I can say with confidence that selinux is not the
> right approach to fixing the security problems with our systems.
> It probably does more harm than good.
> ([1] I have a PhD in computer security from Cambridge University,
> 8 years' practical experience in the computer security industry, and a
> similar period of experience as an author of Free security software.)

Ian, why are you doing this?  You must surely know better by now.
Trying to pull you credentials isn't going to do you any good; SELinux
is developed by plenty of people with solid credentials, as I hope
you realize if you did even a cursory investigation.  All it does is
make you sound presumptuous.

It absolutely blows my mind that you can sit here and calmly assert
that a project as thoroughly designed and audited (and generally
respected) as SELinux is simply "more harm than good", whatever the
quality of the Debian-specific patches, and expect to be taken

Daniel Jacobowitz

Reply to: