[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NSA software in Debian

Marko Randjelovic:
> SELinux security benefits are vague because it makes possible to
> use it's hooks to add a backdoor which would be nearly impossible
> to detect:
> https://www.rsbac.org/documentation/why_rsbac_does_not_use_lsm 
> https://grsecurity.net/lsm.php

SELinux, AppArmor, Smack and Tomoyo are using the Linux Security
Module (LSM) framework.

I am aware of the claims made by grsecurity regarding LSM, but I do
not agree with several of them.

> Consider alternatives like PaX/grsecurity and RSBAC.

Both seem to be compatible with SELinux.


Reply to: