> I think the Law of Requisite Variety does not apply here.

Feel free to think that, but I would suggest Beer's analysis of the US tax system is a direct match for the symptoms in SELinux, if you simply swap crackers in for tax specialists.

> The model of a "control system" could be utilized in that system's "security"
> model.

Your security model is a control system. Its complexity depends upon the state you manage. In the case of file permissions systems you manage fairly small amounts of state - and most importantly with limited interconnectedness. That said people often get it wrong as early tools like Satan show. You have a lot of state in the controlled system you don't manage because they are not states you need to distinguish. Simple example is a heating system - to control a system that can do anything between 0 and 100C stably is more states than controlling the same system to do a single temperature where it only needs to worry about "too hot" and "too cold".

> The same "control"/"security" model, however useful to analyze security, would
> not be subjected to that Law's statement if we decided that only one of them,
> namely networking component, is *required* to have (worth of) a corresponding
> security component, namely iptables.

The same laws still apply, but the system you are looking at is different.

> Perhaps because we are on an internal network that we consider secure. So why
> would we need SELinux on that machine ? We would like not to have it, but we

If you consider your internal network secure and that all data passing through it is safe you could use telnet and get rid of all your passwords. In practice you'd question the assumption pretty hard.

> are not allowed to. We could disable it ..., but suddenly perhaps not ! What
> if SELinux becomes an object of a hacker attack ? We know that in order to
> remove SELinux to disinfect the system you have to remove everything else

Actually you don't. You can just turn it off.
The ability to do that or to use multiple different security plugins and models is part of the kernel. The user space libraries cope just fine with no SELinux present.

Alan