[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security patches

On Sat, 2003-11-29 at 04:05, Martin Pitt wrote:

> SELinux only uses LSM which makes it easy to port, but seems
> impractical and even dangerous for real-world use [1][2].

The main complaint on those pages seems to be that LSM is only focused
on access control.  You may or may not regard that as a flaw, but you
can get an enormous amount of security (as SELinux has demonstrated)
with pure access control.

SELinux is quite practical, as the number of people using it

As for "dangerous" - that's just total crap.  If someone has the
capability to install a rootkit at all, your system is totally lost.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: