Re: SELinux

> I think the Law of Requisite Variety does not apply here.

Feel free to think that, but I would suggest Beer's analysis of the US
tax system is a direct match for the symptoms in SELinux, if you simply
swap crackers in for tax specialists.

> The model of a "control system" could be utilized in that system's "security"
> model.

Your security model is a control system. Its complexity depends upon the
state you manage. In the case of file permissions systems you manage
fairly small amounts of state - and most importantly with limited
interconnectedness. That said, people often get it wrong, as early tools
like Satan show.

You have a lot of state in the controlled system you don't manage because
they are not states you need to distinguish.

Simple example is a heating system - to control a system that can do
anything between 0 and 100C stably is more states than controlling the
same system to do a single temperature where it only needs to worry about
"too hot" and "too cold".

> The same "control"/"security" model, however useful to analyze security, would
> not be subjected to that Law's statement if we decided that only one of them,
> namely networking component, is *required* to have (worth of) a corresponding
> security component, namely iptables.

The same laws still apply, but the system you are looking at is different.

> Perhaps because we are on an internal network that we consider secure. So why
> would we need SELinux on that machine ? We would like not to have it, but we

If you consider your internal network secure and that all data
passing through it is safe you could use telnet and get rid of all your
passwords. In practice you'd question the assumption pretty hard.

> are not allowed to. We could disable it ..., but suddenly perhaps not ! What
> if SELinux becomes an object of a hacker attack ? We know that in order to
> remove SELinux to disinfect the system you have to remove everything else

Actually you don't. You can just turn it off. The ability to do that or
to use multiple different security plugins and models is part of the
kernel. The user space libraries cope just fine with no SELinux present.

Alan