On Mon, 2 Mar 2015 06:57:29 +1100 Zenaan Harkness <[email protected]> wrote:
> On 3/1/15, Juan <[email protected]> wrote: > > http://en.wikipedia.org/wiki/Linux_Security_Modules > > But, but ... but all those hooks into my kernel are for -security-, > they make my kernel -secure- don't they? . . . > Well, my assumptions are founded in a solid reality - my faith. You > see, I believe, and ah seen tha light - Linux *will* set me free. > > Right? Yes brother, linux is the light of the world =) Actually, I meant to link this one http://en.wikipedia.org/wiki/Security-Enhanced_Linux which according to wikipedia was primarily developed by the NSA. But since according to wiki again, the NSA made 'substantial contributions' to the LSM framework as well, I didn't bother correcting my mistake. Granted, one can easily avoid the selinux module. And a quick look at the /security/ directories suggests that there aren't tons of code to audit, though I actually have no clue as to how hard it would be to actually audit that code. Let alone how to audit it. This is probably old news for a lot of people but the fact that the NSA was involved in this kind of thing is just too rich...
