On 08/24/2009 05:33 PM, Yashpal Nagar wrote:
So more precisely selinux is developed to enhance the Linux system security beyond the trival system access controls granted in the form of file permissions, privileges etc
Yes and that is why Selinux will let you enforce userland app access levels and context ( which is what the primary aim is to start with ).
On the other hand a spyware is nothing but a software which is presumably written outside kernel space and meant to be used for fishing the information, to move/copy the information from one place to another. A spyware can exploit any software system/app and used that as a tool to hack the system information. A spyware is not necessarily to be used as a means of enhancing the system security of a Windoz box like in the case of selinux.
this is exactly the sort of thing that selinux helps with, disallowing apps from outside a specific context access to information that they should not get. Eg. its not hard getting setup in a way that even plugins within firefox are uable to access things that firefox itself is able to.
Most people tend to shy away from selinux due to the, false, sense of assumed complexity.
-- Karanbir Singh : http://www.karan.org/ : 2522...@icq _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
