Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
News

How Secure is SELinux? 7

Posted by Cliff from the living-up-to-the-hype dept.
cryptonix asks: "After reading this story on the latest release of SELinux, I wonder how secure it really is? Not that I question the NSA's knowhow in security related matters, but has there been any serious testing on it? What features would you like to see added and what aspects need improving?" The only way to really determine how secure something is, will be to put it out in the wild and see how well it stands up to the greatest test of all: time. SELinux probably hasn't had that much time out there yet, since isn't quite a year old yet, so it might be interesting to revisit this question in a couple of years. Until then, how has SELinux stood up to the personal testing of those of you out there who have used it?
This discussion has been archived. No new comments can be posted.

How Secure is SELinux? More

How Secure is SELinux?

Comments Filter:

  • the interface is the key (Score:3, Insightful)

    by johnjones ( 14274 ) on Monday September 10, 2001 @06:53PM (#2275607) Homepage Journal
    the secure interface into the kernel seems to be the key to providing a well thought out way of doing security

    if each module that wanted to do security a different way where to fashion its own way of interfacing then I think that only one way would end up having a chance

    They seem to be using a generic interface so all credit to them (they are useing Linux Security Module [immunix.org])

    SELinux came from the doing the same thing to Mach based systems (which is what HURD and Darwin is based on) so maybe the other projects could use this
    (I am sure that Apple would not mind being on the list of US guv approved secure OS)

    It seems that the NSA is actually Protecting U.S. citizens
    Something it sets out in its charter amazing that all those dollars go there and very few things come out of it.

    If I was a Citizen of the US I would write to my representative and commend the NSA on this project and put it in the spotlight (this often means that Projects get better funding and are less likely to disappear).

    Regards

    John Jones

  • Your admin makes the difference (Score:3, Insightful)

    by compwizrd ( 166184 ) on Monday September 10, 2001 @09:42PM (#2276054)
    As secure as your admin, unfortunately. Any OS can be compromised with enough stupid mistakes, and almost any OS can be secured with enough cluefulness.
    • As secure as your admin, unfortunately. Any OS can be compromised with enough stupid mistakes, and almost any OS can be secured with enough cluefulness.

      While the admin does make a difference, it's also true that some Operating Systems lend themselves to security more than others.

      To draw a parallel with Programming Languages, it's very easy in C to create buffer overflows, especially if you use the standard libraries and strcpy, etc rather than strncpy. This doesn't mean that it's impossible to write code without buffer overflows in C, just harder.

      Contrast this with *watch out for the flames* a langauge like Java where strings are presented as a more abstract data type and memory allocation is taken care of. It's a lot harder to accidently create buffer overflows in Java.

      Even good programmers create buffer overflows when using C, because it's a language that lends itself to buffer overflows. Even good admins leave security holes in some operating systems (naming no names) because they don't have a clean, consistant way of being made secure, and obscure changes to one part of the system can open up holes that wouldn't have otherwise existed somewhere remote (configuration wise).

      Of course I'd like to think that I'm a good admin, and that being a good admin I recommend Operating Systems that are easier to secure properly so that my human failings are less likely to cause problems. A good admin who is listened to on security policy will choose a good Operating System, as well as secure it.
      • It's really not the String class that prevents buffer overflows in Java. It's the fact that array's are objects, and not pointers to blocks of memory. An array of any type has a member called length that can tell you how long it is. Any attempt to write beyond length will throw an ArrayIndexOutOfBounds Exception instead of just being able to stomp on adjacent memory areas.

        Also, in Java there are no pointers. You have references(similar but not the same). There is no way to point to memory directly, only objects.
  • Remember also that the NSA is much more interested in preventing mixing of different privelage levels on a system (Classified vs Secret vs Top Secret etc) than someone breaking in from outside. They solve the outside breakin problem by not being on the net. Ofcourse this is still useful but what the NSA needs for security and what you and I do are not exactly the same thing. They have different requirements.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close