Alan Cox <alan <at> lxorguk.ukuu.org.uk> writes: > > > I think the Law of Requisite Variety does not apply here. > > Feel free to think that, but I would suggest Beer's analysis of the US > tax system is a direct match for the symptoms in SELinux, if you simply > swap crackers in for tax specialists. > ... Actually, the US tax system is one of the best things there are - if Linux security were like that, hackers would have to look for a different source of fun. Remember, the Republic was established to, among others, secure "the right to happiness" :-) One more shot at complex security. > Security *is* a part of a set of interactions between system components. > It has to be able to mediate all sorts of complex interactions between > components and decide which are permissible. All those components have > state and all that state has to be managed. ... Let's consider, as only one example of many, a society. The society is a complex system. Every member of it needs some *basic* security (body, possessions, contract law, privacy), and for that purpose he is willing to water down a limited number of his own natural rights to form a government and delegate some powers to it to protect individual and thru that societal rights. If the gov, in order to fulfill its obligations, had to mediate (oversee, monitor, spy, etc) all interactions of all citizens and institutions to make them "permissible", it would have to become a totalitarian Big Brother. Instead, and what is expected it to be, it concentrates on the most important and sensitive components (people and institutions) and enforcement measures, and by that it reduces a complex problem to a manageable one. By that it achieves a state of acceptable security. Why can not we do that with security of a complex computer system ? JB -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
