Turning off SELINUX

Javier Perez pepebuho at gmail.com
Thu Sep 5 21:58:17 UTC 2013 

I know SELinux is not about encryption, it is about limiting access to the
system AFTER a breach has ocurred. (That is my understanding AFAIK, and
that is why I think it is a good idea).
My beef is given the NSA origin of this software, It could very well have a
backdoor to turn itself off under the appropriate circumstances like an
NSA-sponsored breach an allow unrestricted access to my system..
I know it is a long shot and a lot of paranoid-think, after all, if I have
to depend on SELinux to defend my system from external breaches, I am F*ck
up already. Attackers should first have to breach the firewall and then
obtain some sort of user access, then trick the system to scalate it to a
root access before SELinux comes into play. But again, It is good to know
that all links in the chain to being pawned are good and strong before
trusting them, and this article certainly throws some mud to whatever
contribution NSA has made to any security system.

My 2 cents.




On Thu, Sep 5, 2013 at 4:14 PM, Michael Schwendt <mschwendt at gmail.com>wrote:

> On Thu, 5 Sep 2013 15:41:06 -0500, Javier Perez wrote:
>
> > After reading this, I am turning off SELINUX
> >
> >
> http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
> >
> >
> > Until I hear of  a thorough code review by a non-USA team of this code, I
> > do not feel safe using it, privacy wise.
> >
> > It's a pity because SELINUX is a good idea.
>
> SELinux is not about encryption, though.
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>



-- 
------------------------------
 /\_/\
 |O O|  pepebuho at gmail.com
 ~~~~     Javier Perez
 ~~~~          While the night runs
 ~~~~          toward the day...
  m m       Pepebuho watches
                from his high perch.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130905/b273d11c/attachment-0001.html>

More information about the users mailing list