Alexander Caldwell wrote:

> Here's an interesting link from IBM about a security enhanced version 
> of Linux developed by the NSA and released by them to the open source
> community. 
> 
> http://www.ibm.com/developerworks/library/s-selinux/
> 
> I don't understand all the implications,  but it should generate some
> interesting discussion among privacy, security and encryption buffs.
> 
The purpose of SE-LINUX is stated:

"The Security-enhanced Linux kernel enforces mandatory access control policies 
that confine user programs and system servers to the minimum amount of privilege 
they require to do their jobs."

What this means is that a compromise of one system service will not
be able to cascade to other system services as is now the case.  The whole notion
of gaining 'root' or superuser access becomes useless.  Think of it as 
separation of duties at the operating system level.  This provides a reduction in
the amount of trusted code to the security policy implementation in the kernel. 
An application does not care how trusted any other application is.  In effect, this 
reduces the 'weakest link in the chain' argument to your application and the 
trusted kernel.

It really has nothing to do with encryption. Systems such as these go a long
way to providing assurances that whatever privacy and confidentiality mechanisms
have been implemented are robust in the face of application compromise.
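An added illustration of the point made in the reply above (it is not part of the thread, the IBM article, or SELinux's own code): a toy model of type enforcement layered on top of Unix DAC, showing why a service that has been compromised and escalated to uid 0 still cannot reach files outside its own domain. The domain and type names (httpd_t, sshd_t, shadow_t, ...) and the allow rules are assumed, chosen to resemble reference-policy naming; the AVC-style denial string is an approximation of the real log format, not a copy of it.

```python
"""Toy model of SELinux type enforcement (TE) layered on top of Unix DAC.

Constructed example for this thread, not code from the IBM article or from
SELinux itself. Domains, types and the policy rules are assumed and merely
resemble the reference policy's naming. Real SELinux decisions are made in
the kernel's LSM hooks; this script reproduces only the decision logic:
DAC is consulted first, then the TE policy, and *both* must grant access.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Process:
    pid: int
    comm: str
    uid: int      # DAC identity; 0 is root
    domain: str   # SELinux subject type (the process's domain)


@dataclass(frozen=True)
class File:
    path: str
    owner_uid: int
    mode: int     # Unix permission bits, e.g. 0o640
    setype: str   # SELinux object type label


# Assumed TE policy: (source domain, target type, object class) -> permissions.
# Anything not listed is denied; that default-deny is the point of MAC.
POLICY = {
    ("httpd_t", "httpd_sys_content_t", "file"): {"getattr", "open", "read"},
    ("httpd_t", "httpd_log_t", "file"):         {"getattr", "open", "append"},
    ("sshd_t", "sshd_key_t", "file"):           {"getattr", "open", "read"},
    ("sshd_t", "shadow_t", "file"):             {"getattr", "open", "read"},
}

_DAC_BITS = {"read": 4, "write": 2, "append": 2, "exec": 1}


def dac_allows(proc: Process, f: File, perm: str) -> bool:
    """Classic Unix check. Root bypasses it entirely, which is exactly why
    'getting root' is decisive on a DAC-only system. Group bits are ignored
    to keep the model short."""
    if proc.uid == 0:
        return True
    bit = _DAC_BITS.get(perm, 0)
    if bit == 0:                 # getattr/open have no mode bit of their own here
        return True
    shift = 6 if proc.uid == f.owner_uid else 0   # owner triple vs 'other' triple
    return bool((f.mode >> shift) & bit)


def mac_allows(proc: Process, f: File, perm: str) -> bool:
    """TE lookup: is there an allow rule for (domain, type, class) granting
    perm? The uid plays no part in this decision."""
    return perm in POLICY.get((proc.domain, f.setype, "file"), set())


def check(proc: Process, f: File, perm: str) -> tuple:
    """Return (granted, reason). Mirrors the kernel ordering: DAC first,
    then the security hook; a denial by either is final."""
    if not dac_allows(proc, f, perm):
        return False, "dac: permission denied"
    if not mac_allows(proc, f, perm):
        return False, (f"avc: denied {{ {perm} }} for pid={proc.pid} comm={proc.comm} "
                       f"path={f.path} scontext={proc.domain} tcontext={f.setype} tclass=file")
    return True, "granted"


# Constructed sample objects.
SHADOW = File("/etc/shadow", owner_uid=0, mode=0o000, setype="shadow_t")
HOST_KEY = File("/etc/ssh/ssh_host_ed25519_key", owner_uid=0, mode=0o600, setype="sshd_key_t")
INDEX = File("/var/www/html/index.html", owner_uid=0, mode=0o644, setype="httpd_sys_content_t")

# A web server that has been compromised *and* escalated to uid 0. Its domain
# is still httpd_t: exploiting a bug does not relabel the process.
ROOT_HTTPD = Process(pid=4242, comm="httpd", uid=0, domain="httpd_t")
PLAIN_HTTPD = Process(pid=4243, comm="httpd", uid=48, domain="httpd_t")
SSHD = Process(pid=711, comm="sshd", uid=0, domain="sshd_t")


def demo() -> dict:
    """Run the scenarios from the discussion and return the decisions."""
    return {
        "httpd reads its own content":     check(ROOT_HTTPD, INDEX, "read"),
        "root httpd reads /etc/shadow":    check(ROOT_HTTPD, SHADOW, "read"),
        "root httpd reads sshd host key":  check(ROOT_HTTPD, HOST_KEY, "read"),
        "unprivileged httpd reads shadow": check(PLAIN_HTTPD, SHADOW, "read"),
        "sshd reads /etc/shadow":          check(SSHD, SHADOW, "read"),
    }


if __name__ == "__main__":
    for what, (ok, why) in demo().items():
        print(f"{what:34s} -> {'OK' if ok else 'DENIED'}: {why}")
```

The three httpd cases are the ones that matter: the same domain is granted its own content, is stopped by DAC while unprivileged, and is still stopped by the TE policy after it has become root. The only way for httpd_t to reach shadow_t is a change to the policy in the kernel, not a change to the uid, which is what the reply means by the trusted computing base shrinking to the kernel's policy enforcement.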

