On Aug 19, 2007, at 17:12:41, [email protected] wrote:
On Sat, 18 Aug 2007 01:29:58 EDT, Kyle Moffett said:
If you can show me a security system other than SELinux which is
sufficiently flexible to secure those 2 million lines of code
along with the other 50 million lines of code found in various
pieces of software on my Debian box then I'll go put on my dunce
hat and sit in the corner.
/me hands Kyle a dunce cap. :)
Unfortunately, I have to agree that both AppArmor and Smack have at
least the potential of qualifying as "securing the 2M lines of code".
The part that Kyle forgot was what most evals these days call the
"protection profile" - What's the threat model, who are you
defending against, and just how good a job does it have to do?
I'll posit that for a computer that is (a) not networked, (b)
doesn't process sensitive information, and (c) has reasonable
physical security, a security policy of "return(permitted);" for
everything may be quite sufficient.
Well, in this case the "box" I want to secure will eventually be
running multi-user X on a multi-level-with-IPsec network. For that
kind of protection profile, there is presently no substitute for
SELinux with some X11 patches. AppArmor certainly doesn't meet the
confidentiality requirements (no data labelling), and SMACK has no
way of doing the very tight per-syscall security requirements we have
to meet. I didn't make this clear initially but that is the kind of
system I'm talking about wanting to secure some 50 million lines of
code on.
(Of course, I also have boxes where "the SELinux reference policy
with all the MCS extensions plus all the LSPP work" is someplace
I'm trying to get to).
Well, for some of the systems we distribute, "all the MCS extensions
plus all the LSPP work" is nowhere near enough security; we need full-
fledged multi-level-security, role-based-access-control, and specific
per-daemon MAC restrictions.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
