On 7/3/07, Mike McCarty <Mike.McCarty@xxxxxxxxxxxxx> wrote:
Arthur Pemberton wrote: > On 6/28/07, Mike McCarty <Mike.McCarty@xxxxxxxxxxxxx> wrote: > [snip] >> >> A machine running current SELinux implementation is provably >> less secure in some senses than one which is not. > > I don't often agree with Rahul Sundaram, plus I get the feeling that > he doesn't like me. But I can't stand by and have you spreading this > kind of FUD, especially considering that you have admitted to _not_ > using SELinux. No fear. No uncertainty. No doubt. If that's what you meant. > Please show some geek pride and not speak on this matter since by your > own admission you have no recent experience with it. > > Furthermore this claim of yours is extremely broad, and baseless. It is neither of those. If you wish to continue this, please take it to private e-mail. I already gave instances published by the US Government which demonstrate that machines which run SELinux are subject to attacks which would not otherwise have succeeded.
Thanks for brining my attention to that, went back through the thread and found those links. As I expected, all those exploits/bugs, require local account access. I don't consider any system in which a local account is attacking the systems integrity to be very secure, do you? I say that to show that, in such a case, the presence of SELinux cannot be lowering the systems security that much - the attacker already has local access. Now, SELinux helps to prevent a remote attacker from getting local access, and (as far as I know) it has no internet facing ports or other connections. So in a case where a machine is being used to host several local accounts, and local multiuser usage, then I can accept that SELinux adds vulnerabilities, but I even in that situation, I believe SELinux adds (security) more than it removes. -- Fedora Core 6 and proud
