Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)
On Friday 02 February 2007 22:21, Ian Jackson <email@example.com>
> > > If you want a general purpose hook, or some crazy SE-Linux-specific
> > > feature, then you should probably propose one. Personally I think a
> > > general purpose hook feature would probably be abused so should not be
> > > provided, and I think SE-Linux is no more than an interesting research
> > > project and should not be deployed (ever) so obviously we shouldn't
> > > have any code in dpkg for it.
> > I'm curious, do you have the same attitude towards non-executable stack
> > (Exec-Shield/PaX/OpenWall), Poly-Instantiated directories, and PIE
> > executables?
> This is rather off-topic
So let's move it back to debian-devel where it's on-topic.
> but since you ask, no, I don't have the same
> attitude towards those. My objection to SE Linux is based on the
> complexity required to make anything of it, and as we all know
> complexity is the enemy of security. SE Linux makes the situation
> worse, not better.
One of the enemies of security in Debian is the fact that every person
controls their little area and has no requirement to work towards common
goals (apart from the most obvious ones of making the system work).
This means that instead of having a little cooperation from other developers
anyone who wants to get a significant change included will have to fight
hundreds of battles.
SE Linux is a classic example of this. Debian could have had SE Linux support
long before Fedora, but instead it gets it long afterwards.
The same battles occur with regard to all the other security measures I
mentioned (and some others I didn't). We could made Debian the most secure
Linux distribution, there are many people who have the skills and the
interest in doing so.
You want features such as exec-shield, well you don't get them - because of
other people with the same attitude as you.
> > I'm just wondering if you want Debian to have less security than
> > Fedora in all areas.
> Have you stopped beating your wife ?
No Ian, it was an entirely serious and sensible question. If you wanted no
extra security features then your attitude would make sense. If you want
features in other areas then the best strategy for you to adopt would be to
refrain from actively preventing work on adding optional features that you
don't intend to use.
When you take a deliberately obstructive attitude towards my SE Linux work it
means that I have less time to work on other projects - many of which are
related to improving Debian security.
http://etbe.blogspot.com/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development