SELinux
Alan Cox
alan at lxorguk.ukuu.org.uk
Wed Sep 1 14:52:53 UTC 2010
> So, right now I do not need SELinux even if I "use a web browser to
> view more than a short list of trusted sites".
Of course flash, firefox, all the image libraries it uses and the font
libraries are perfect and never had a bug triggerable remotely - right ?
Nope.
Look for example the Dowd exploit of flash - SELinux blocked it, non
SELinux systems got 0wned. Ditto Mambo against Firefox. Dowd is also
interesting because it was designed and built as a cross platform exploit.
Alan
More information about the users
mailing list