Alan Cox alan at
Wed Sep 1 14:52:53 UTC 2010

> So, right now I do not need SELinux even if I "use a web browser to
> view more than a short list of trusted sites".

Of course flash, firefox, all the image libraries it uses and the font
libraries are perfect and never had a bug triggerable remotely - right ?


Look for example the Dowd exploit of flash - SELinux blocked it, non
SELinux systems got 0wned. Ditto Mambo against Firefox. Dowd is also
interesting because it was designed and built as a cross platform exploit.


More information about the users mailing list