SELinux - a call for end-of-life.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

SELinux is a bad thing, concept- and design-wise.
It should be stopped now - it is a waste of resources, a blind alley.
The Linux community should stop receiving "gifts" (trojan horses) of that
nature.

There is no point of maintaining a SELinux-like monster that is on purpose so
complicated that it excludes all kind of "intruders", be it sys admins or
users.
It met rejection by many sys admins and users, thus defeating its own purpose
to secure our systems.

You  hear:
... we are here to help you ... we will just provide all rules for you ...
... "relabel" the system (all you have to do is to reboot your machine)...
... you do not have to do anything ... just accept it... Do not worry, be
happy ! ...

This idea is so sick - any real sys admin wants to know her machine inside out,
it is the essence of her job, and to offer her a tool that she should better
not touch is preposterous. Many users want to have that knowledge too.
It is also against the free and open software ideals on which the Linux
community was built.

The "Relabel on next reboot" is a major design flaw.
  "Select if you wish to relabel then entire file system on next
  reboot. Relabeling can take a very long time, depending
  on the size of the system. If you are changing policy types
  or going from disabled to enforcing, a relabel is required."
It is so stupid. A cry to heaven.
The future is to do away with system restarts:
- due to kernel update (this is almost done with e.g. kexec in Linux)
- due to other system or application software updates
- due to SELinux-like system "relabeling"
- any other updates

The top brass of Linux community has by now a life-time experience of "what
works and what does not" and should be capable of initiating and rethinking
a new framework for security, for the community and not against it.
It will have a valuable support of that community.
Smart people, but sharing a common vision, should dedicate their brain and time
to it, instead of trying to maintain flawed and impractical software.
They should build a small group (in the background, far from "noice", far from
other "influences") to tackle a new concept of it.
Then selectively enlarge participation to others and Linux community.

This is my idea of the new security concept:
- it should be real-time (operating in a background)
- it should be modular in the sense of traditional small, single function, and
  stand-alone UNIX utilities
- it has to be simple to be acceptable and understandable by all sys admins and
  users of UNIX/Linux systems
- it should be configurable:
    - by sys admin and user (selectively)
    - at any time
    - dynamically
- it should show various diagnostics (alarms) in real-time, but never interfere
  with or prevent a program from execution.
  At least that should be a default behavior.
- it should not interfere with / try to undo any present and standard
  UNIX/Linux system security measures
- it should be supplementary to existing UNIX/Linux system security
- it should be self-contained, installable and removable at any time, without
  influencing the system 

I am sure others will add to and extend it, but in the spirit of improvement.
JB


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux