[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

On Friday 02 February 2007 22:21, Ian Jackson <ian@davenant.greenend.org.uk> 
wrote:
> > > If you want a general purpose hook, or some crazy SE-Linux-specific
> > > feature, then you should probably propose one.  Personally I think a
> > > general purpose hook feature would probably be abused so should not be
> > > provided, and I think SE-Linux is no more than an interesting research
> > > project and should not be deployed (ever) so obviously we shouldn't
> > > have any code in dpkg for it.
> >
> > I'm curious, do you have the same attitude towards non-executable stack
> > (Exec-Shield/PaX/OpenWall), Poly-Instantiated directories, and PIE
> > executables?
>
> This is rather off-topic

So let's move it back to debian-devel where it's on-topic.

> but since you ask, no, I don't have the same  
> attitude towards those.  My objection to SE Linux is based on the
> complexity required to make anything of it, and as we all know
> complexity is the enemy of security.  SE Linux makes the situation
> worse, not better.

One of the enemies of security in Debian is the fact that every person 
controls their little area and has no requirement to work towards common 
goals (apart from the most obvious ones of making the system work).

This means that instead of having a little cooperation from other developers 
anyone who wants to get a significant change included will have to fight 
hundreds of battles.

SE Linux is a classic example of this.  Debian could have had SE Linux support 
long before Fedora, but instead it gets it long afterwards.

The same battles occur with regard to all the other security measures I 
mentioned (and some others I didn't).  We could made Debian the most secure 
Linux distribution, there are many people who have the skills and the 
interest in doing so.

You want features such as exec-shield, well you don't get them - because of 
other people with the same attitude as you.

> > I'm just wondering if you want Debian to have less security than
> > Fedora in all areas.
>
> Have you stopped beating your wife ?

No Ian, it was an entirely serious and sensible question.  If you wanted no 
extra security features then your attitude would make sense.  If you want 
features in other areas then the best strategy for you to adopt would be to 
refrain from actively preventing work on adding optional features that you 
don't intend to use.

When you take a deliberately obstructive attitude towards my SE Linux work it 
means that I have less time to work on other projects - many of which are 
related to improving Debian security.

-- 
russell@coker.com.au
http://etbe.blogspot.com/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
Reply to: