"Who's afraid of SELinux? Well, if you are, you shouldn't be! Thanks to the introduction of new GUI tools, customizing your system's protection by creating new policy modules is easier than ever. In this article, Dan Walsh gently walks you through the policy module creation process."
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2006-08-18
Member since:2006-01-28
Member since:2005-12-15
That doesn't really wash with me. This seemingly endless blabber that all things Linux are more secure than all things Microsoft has been shown to be wrong time and time again. That doesn't mean the reverse is true either.
Take a look at the security analysis and patch levels and you'll see that even though Microsoft do have critical patches, so does Linux, Solaris, MacOS and so on.
The suggestion that the NSA "wrote" SELinux doesn't imply that it's secure. Security comes through proof. I'm sure all the pro-Linux, anti-Microsoft chaps will stand up right about now and proclaim that Microsoft has a very poor record.. this is true, I wouldn't disagree with that.
What I would disagree with is, is the implication that an NSA born Linux is secure, just because, and that somehow Microsoft's poor record gives SELinux the gold star award for security.
Edited 2007-08-22 00:33
Member since:2007-08-22
That doesn't really wash with me. This seemingly endless blabber that all things Linux are more secure than all things Microsoft has been shown to be wrong time and time again. That doesn't mean the reverse is true either.
Well, how about the fact that Linux has achieved the highest security certification level available to commercial OS's - a level only achieved by Sun's Trusted Solaris (at least as popular OS's are concerned). (I believe it's RHEL4 that made it.)
That's more than Microsoft can say, and it was possible because of the NSA's contribution of the SELinux code to the Linux Kernel.
It's also not something that's merely pro-Linux.
Member since:2005-08-28
Well, I think I AM giving the NSA-backed SELinux the benefit of the doubt, because I'd assume (and I think it's reasonable to assume) the NSA know a lot about security, and that their name on a security framework means something.
Now, if what I'm reading here is correct, then it would seem to be 'secure at all costs'... which I guess fits in with what I'd expect from the NSA, and which wouldn't be such a good idea for a single-user home system, at least not without a massive shift in the way Linux applications are programmed.
Edited 2007-08-22 02:55
Member since:
2005-11-14
Just remind them that the NSA wrote SELinux. Microsoft wrote Windows.