NSA takes its Flask architecture to the open-source community to offer an inexpensive route to trusted systems. “What it really helps out with is something called zero-day exploits,” said Daniel Walsh, a principal software engineer at Red Hat and leader of the company’s SELinux team. “If you have a bug in your software that allows a machine to be taken over, SELinux [provides] another layer of controls to make sure that application only does what is was designed to do. SELinux is your last line of defense.“
Security Is No Secret
Submitted by Rahul 2008-07-24 Privacy, Security 7 Comments
Mine is the power button
And what does most(all?) wannabe system administrators? THEY TURN SELINUX OFF! Why, you ask? Because it’s PITA to configure and slows your system down to knees. That’s why.
It is amusing to read every single day about critical bugs in serious applications. Maybe it is not a fault of programmers but serious design faults in compilers itself- it should stop compiling your shitty code and send a message to authorities about your stupidity.