Tom Needs a Hat Mitchell wrote:
On Sun, Mar 07, 2004 at 03:54:35PM -0500, Jim Cornette wrote:
....
......
If I haven't a clue to what SELinux is really about. I am sorry that
nothing sunk into me with my prior exposure to the project goals.
We live in a world that mirrors security enhanced goals. Doors and
windows can have locks, you may or may not have a key, the door may or
may not be locked. Doors can be solid or have windows. Doors and
rooms with doors can be behind doors.
"End systems must be able to enforce the separation of information
based on confidentiality and integrity requirements to provide
system security."
....
"The system provides a mechanism to enforce the separation of
information based on confidentiality and integrity requirements."
If you drive up to a good restaurant and the valet offers to park your
car. Do you:
A. give him your entire key ring: car, house, shed, office, safe deposit box.
B. give him only the ignition key.
C. drive past and self park.
C, but maybe B in certain cases.
If you are shopping do you place packages in the trunk or on the seat
where they are visible the entire time you are in the next store.
Stay with the car or put them out of site.
If you lock the front door to your house do you latch the back door;
windows?
Yep
The key is that the system must be able to separate things.
Not that we will but we can.
Just as long as the seperation doesn't impede my use of the system and
cause additional frustrations. From your comparisons to ordinary real
life functions, I would say that some security and added impeding
additions are needed. I think that locks and having to keep things out
of site are added distractions to ordinary life things. I doubt I'd walk
away and leave the house open or put things in the site of the
malicious. Thanks for the comparison.
For most folks SELinux is going to be _overkill_ but the analysis of
the OS and ability to enforce mandatory access control are important.
No doubt! But usability is hard to give up, when not used to jumping
through hoops.
Just as many cities have code requirements for walls and external doors
this can be a good thing.
I can see this with users wanting no passwords and wanting to run as
root user. If some practical security was not mandated, Linux would have
ended up pretty dangerous with malware attacks. I'll probably try out
SELinux shortly. I was sitting back and reading the list before I
actually tried to set it up.
Of interest WinNT (RIP, out of support in ???) has a good framework
for security but over worked administrators, lack of open
documentation and source, and yes the lame folk at MS, never took it
to a useful place. In part this quality of WinNT is a 'secret'
because most important applications and tools were not security aware.
This applies to my knowledge of SELinux and the fear of losing some
control of one's computer. When put into the light that there might be
security aware applications, as well as prevention from irrational
operations performed by userland, kernel, system or administration,
feel more at ease with the concept.
I expect that 1% of Linux users will install SELinux layers. 100%
will profit from the effort.
It depends on how well it keeps itself inline with staying out of site
for a normal user. I have no guess on the percentage of Linux users that
will not override the SELinux features. I am open to the concept. But do
not want additional problems thrown into the mix. NT4 as comparison
caused me headaches as a user. I avoided it because it was not setup to
stay out of the way of using a computer.
Jim
--
You have an ability to sense and know higher truth.
