>> I read in slashdot that there is a question mark over SELinux because it came
>> from the NSA [4] but this is nonsense, as it is a means of securing processes
>> not network connections. I find it difficult to believe that a backdoor in a
>> locked cupboard in your house can somehow give access through the front door.

> This point you get wrong. SELinux implements the LSM API (in fact the LSM API
> was tailored to SELinux needs). It has hooks in nearly everything
> (file/directory access, process access and also sockets). One of the biggest
> concerns at the time of creation of the LSM API was rootkits hooking those
> functions. It's definitely a threat. I'm not saying that SELinux contains
> a backdoor (I for myself would have hidden it in the LSM part, not in SELinux
> because that would enable me to use it even if other LSMs are used). If you
> google for "underhanded C contest" you'll see that it's possible to hide
> malicious behaviour in plain sight. And if the kernel is compromised all other
> defenses mean nothing. (As I said, I don't want to spread fear but that is
> something to consider imho).

Interesting, I didn't realise LSM provisioned hooks for SELinux -
thought it was more modular (and less 'shoehorned') than that.
I need to go read about that some more now.
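An added shell check, not part of the thread, for the practical side of the point above: it reports which LSMs the running kernel has active (the LSM layer beneath SELinux), whether SELinux is enforcing, and the kernel lockdown mode that limits root from altering the running kernel. It assumes a modern Linux kernel with securityfs mounted at /sys/kernel/security; the parsing helpers take their input as arguments so they can be exercised offline.

```shell
#!/bin/sh
# Added example: inspect the LSM stack from userspace.
# Assumed paths (modern Linux): /sys/kernel/security/lsm lists active LSMs in
# initialization order, /sys/fs/selinux/enforce is 1/0, and
# /sys/kernel/security/lockdown marks the active mode in brackets.

# lsm_active LIST NAME -> returns 0 if NAME appears in the comma-separated LIST
# (LIST has the format of /sys/kernel/security/lsm, e.g. "lockdown,capability,selinux")
lsm_active() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# selinux_mode VALUE -> prints enforcing/permissive/unknown for the enforce flag
selinux_mode() {
    case "$1" in
        1) echo enforcing ;;
        0) echo permissive ;;
        *) echo unknown ;;
    esac
}

# lockdown_mode CONTENT -> prints the bracketed active mode,
# e.g. "[none] integrity confidentiality" -> none
lockdown_mode() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([a-z]*\)\].*/\1/p'
}

# Live report; every read falls back to an empty string if the file is absent.
report_lsm_stack() {
    lsms=$(cat /sys/kernel/security/lsm 2>/dev/null)
    echo "active LSMs: ${lsms:-<securityfs not mounted or no LSM info>}"
    if lsm_active "$lsms" selinux; then
        echo "SELinux: $(selinux_mode "$(cat /sys/fs/selinux/enforce 2>/dev/null)")"
    else
        echo "SELinux: not active"
    fi
    echo "lockdown: $(lockdown_mode "$(cat /sys/kernel/security/lockdown 2>/dev/null)")"
}

report_lsm_stack
```

On a kernel without SELinux in the list the report says so even if SELinux userspace tools are installed, which is the check that matters after reading the thread.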