On Tue, 2005-07-05 at 06:07 +0200, Peter Magnusson wrote:
When was SELinux included in the mainline Linux 2.6, what version?
2.6.0-test3. And the LSM framework, which we helped to develop, was
merged during the 2.5 development series, starting with 2.5.27 iirc.
I feel that its interesting that NSA, famous for spying on other
nations,
is helping to make linux more secure. Isnt that counterproductive? :)
See
http://www.nsa.gov/selinux/info/faq.cfm#I10
What if some with evil reasons uses SELinux? Or have NSA realized
that the
old tactic doesnt work and its better to secure so many systems as possible
instead. To help millions to have a more secure system is worth more than
to possible prevent a few bad guys to also have secure systems. Probably
leading that it will be more complicated or impossible for NSA to break in?
Improving the security of COTS (commercial off the shelf) systems is
necessary to meet the security needs of our customers. Yes, there is
the potential for abuse, but such tradeoffs are inevitable.
Im sure NSA would love to have backdoor to SELinux if someone with
evil
reasons (what NSA thinks is evil) uses SELinux. Since SELinux is open
source it cant be something obviously because it will be found very
quickly. Must be something that its really, really well hidden.
That would be a rather foolish strategy, given that SELinux is
publically associated with NSA and the code is open.
--
Stephen Smalley
National Security Agency