Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

On Mon, 2006-04-24 at 09:04 -0500, Serge E. Hallyn wrote:
> Quoting Alan Cox ([email protected]):
> > Thus this sort of stuff needs to be taken seriously. Can SuSE provide a
> > good reliable policy for AppArmour to people, can Red Hat do the same
> > with SELinux ?
> 
> That's a little more than half the question.  The other 40% is can users
> write good policies.
> 
> I think it will, and already has, become easier for selinux.  But in
> this case I wonder whether some sort of contest could be beneficial.  We
> all know of Russel Coker's open root selinux play machines.  That's a
> powerful statement.  Things I'd like to see in addition are
> 
> 	a. a similar setup with apparmour
> 	b. a similar setup where "mere mortals" set up the selinux policy
> 
> For the first few rounds, rather than judge one way or the other, we
> could hopefully publish the results in a way to encourage a flurry of
> selinux policy tools - one of which may actually be useful.

Personally, I view such contests or challenge machines as meaningless.
At best, they can only show the presence of a flaw, never that the
system is "secure".  And the people most capable of breaking such
systems are not likely to go near such a play machine knowingly.  The
SELinux play machines were nice from an educational point of view,
allowing people to experiment with a SELinux system without needing to
install and set it up themselves, particularly in the days when SELinux
was not integrated into any distro.  But as a meaningful measure of
security, such contests or challenge/play machines aren't really useful.

-- 
Stephen Smalley
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: Crispin Cowan <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: [email protected]
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: "Ken Brush" <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: [email protected]
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: "Ken Brush" <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: [email protected]
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: Lars Marowsky-Bree <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: Alan Cox <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: "Serge E. Hallyn" <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: Alan Cox <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
  - From: "Serge E. Hallyn" <[email protected]>

Prev by Date: [(repost) git Patch 1/1] avoid IRQ0 ioapic pin collision
Next by Date: Re: [RFC][PATCH 0/11] security: AppArmor - Overview
Previous by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
Next by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]