SELinux
Ralf Corsepius
rc040203 at freenet.de
Tue Aug 31 15:43:50 UTC 2010
On 08/31/2010 05:32 PM, Bruno Wolff III wrote:
> On Wed, Sep 01, 2010 at 00:14:09 +0900,
> Takehiko Abe<keke at gol.com> wrote:
>> ;;; sorry other one goes straight to you
>>
>> > Linus is not exactly famous for his ability to understand security
>> > concepts. I find the fact your argument is produced by google and
>> > cut/paste rather than technical material ... enlightening
>>
>> Well, please educate me. All I hear from advocates is "more security"
>> without a concrete example. You mentioned the danger of emails get
>> stolen without SELinux. Please give me the scenario. So we can gauge
>> the risk.
>
> If you read email you need selinux. If you read email with a client that
> fires up plugins to read special content (e.g. html, pdfs, flash) then you
> really need selinux.
>
> If you use a web browser to view more than a short list of trusted sites,
> you need selinux.
>
> If you run network services accessible from outside the machine then you
> need selinux.
>
> If you run binaries from semitrusted groups (this includes most commercial
> software) then you need selinux.
You don't _need_ SELinux in any such cases.
SELinux is aiming at catching malfunctioning/misbehaving programs and
_may_ prevent damage in use-cases such as those you list.
However, SELinux also causes mal-functions and prevents applications
from operating properly. Semi-educated tweaking SELinux may even cause
further damage up to rendering systems completely unusable.
To me this means: If the defaults work, use it. If it doesn't, switch it
off, otherwise you might easily shoot yourself into the foot.
Ralf
More information about the users
mailing list