"Who's afraid of SELinux? Well, if you are, you shouldn't be! Thanks to the introduction of new GUI tools, customizing your system's protection by creating new policy modules is easier than ever. In this article, Dan Walsh gently walks you through the policy module creation process."
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2007-08-22
That doesn't really wash with me. This seemingly endless blabber that all things Linux are more secure than all things Microsoft has been shown to be wrong time and time again. That doesn't mean the reverse is true either.
Well, how about the fact that Linux has achieved the highest security certification level available to commercial OS's - a level only achieved by Sun's Trusted Solaris (at least as popular OS's are concerned). (I believe it's RHEL4 that made it.)
That's more than Microsoft can say, and it was possible because of the NSA's contribution of the SELinux code to the Linux Kernel.
It's also not something that's merely pro-Linux.
Member since:2007-02-07
Linux is more secure than windows cuz blah blah blah lies blah blah lies blah...
Ok, maybe you are just misinformed!
http://www.commoncriteriaportal.org/public/consumer/index.php
Red Hat Enterprise Linux Version 5 running on IBM Hardware
EAL4+ (Certified: 7 June 2007)
http://www.commoncriteriaportal.org/public/files/epfiles/st_vid1012...
Microsoft Windows 2003/XP with x64 Hardware
EAL4+ (Certified: 18 September 2006)
http://www.commoncriteriaportal.org/public/files/epfiles/ST_VID1015...
(Edit: RHEL4 has the same EAL4+ certification.
+ More on levels and what they need here:
http://en.wikipedia.org/wiki/Evaluation_Assurance_Level)
Edited 2007-08-22 03:31
Member since:2005-08-28
Well, I think I AM giving the NSA-backed SELinux the benefit of the doubt, because I'd assume (and I think it's reasonable to assume) the NSA know a lot about security, and that their name on a security framework means something.
Now, if what I'm reading here is correct, then it would seem to be 'secure at all costs'... which I guess fits in with what I'd expect from the NSA, and which wouldn't be such a good idea for a single-user home system, at least not without a massive shift in the way Linux applications are programmed.
Edited 2007-08-22 02:55
Member since:
2005-12-15
That doesn't really wash with me. This seemingly endless blabber that all things Linux are more secure than all things Microsoft has been shown to be wrong time and time again. That doesn't mean the reverse is true either.
Take a look at the security analysis and patch levels and you'll see that even though Microsoft do have critical patches, so does Linux, Solaris, MacOS and so on.
The suggestion that the NSA "wrote" SELinux doesn't imply that it's secure. Security comes through proof. I'm sure all the pro-Linux, anti-Microsoft chaps will stand up right about now and proclaim that Microsoft has a very poor record.. this is true, I wouldn't disagree with that.
What I would disagree with is, is the implication that an NSA born Linux is secure, just because, and that somehow Microsoft's poor record gives SELinux the gold star award for security.
Edited 2007-08-22 00:33