How NSA access was built into Windows
David Boles
dgboles at gmail.com
Sat Jan 20 19:42:17 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Les wrote:
> So, please educate my friends and I. What does SELinux do? How does
> it do it? Why is it so tightly bound to the OS? And by the way, what
> do you want it to do for you?
Hi Les,
You have your name in the reply-to field so you and the list will see this.
My complaint about this thread was that it was FUD and no one was really
answering any of the questions. And like many threads it turned into a round
robin of 'I think it does this - but I don't know' and such back and forth.
For days.
The questions and concerns where understandable. The answers were mostly FUD.
A quick Google search for selinux brings up pages, many pages, of
information about what selinux is and what it is for.
Am I a SElinux expert? Certainly not. Those people are on a different fedora
list. But I do understand what SElinux does. And why it does it. And what it
is for.
I will post these five hits from the very first Google page:
http://fedoraproject.org/wiki/SELinux
http://www.nsa.gov/selinux/
http://selinux.sourceforge.net/about.php3
http://en.wikipedia.org/wiki/SELinux
http://www.nsa.gov/selinux/info/faq.cfm
which will provide more information than you would probably need or care to
read. But more answers than what you received in the several days of this thread.
The advantage you, as a Linux user, has over say, a Windows user, is that this
code is OSS. You can read the code if you wish. That is one of, if not the
main, problems with proprietary video drivers for example. I don't know if you
use them, many do. Since you can not read the code for, say for Nvidia
drivers, just how do you know that they haven't put something in it? To use to
spy on you? Melt your monitor? Eat your baby? ;-) You can't.
Another thought. All Linux distributions will eventually have SElinux or one
of several other similar systems. Many already do. Fedora since FC-3 and I
think since FC-2
Is this a good thing? Better than not having it. Can you avoid this? Sure.
Easily. Just don't use a computer. Or an ATM. Or a bank. Hmm... I guess not so
easily avoided after all. This last paragraph was intended to be humorous. I
hope that you take it this way.
BTW. Note the tagline. ;-)
- --
David
Quis custodiet ipsos custodies?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
iD8DBQFFsnCZAO0wNI1X4QERAgbzAJ9bfCeuahtbVHAFL3fiRZ+AS657dgCg4myG
MZfvFv/zgbdmWJ62B4tBK0o=
=19Py
-----END PGP SIGNATURE-----
More information about the users
mailing list