SELinux
Takehiko Abe
keke at gol.com
Thu Sep 2 12:01:17 UTC 2010
>> Just count the known incidents of such exploits. ZERO. No WMD.
>
> Hmmm. Is that why we run it on our systems? Just for the record I
> cannot discuss anything else, but believe me, the vulnerabilities
> and their exploits do exist.
The "such exploits" refers to buffer overrun type exploits (I don't
know the correct terminology). e.g. the flash exploit reported last
June -- the one that made 64-bit plugin discontinued. Mostly the web
based exploits.
They exploit certain bugs in application/library. But the exploitable
bugs are usually discovered and patched before any actual exploit
takes place. I know none that successfully exploited a linux system
and that is my "ZERO".
More information about the users
mailing list