[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FC4 kernel performance



On Wed, Jun 22, 2005 at 08:53:10AM -0400, Paul A Houle wrote:
>    It's not so clear that SELinux helps much against real attacks.  It 
> would take a much tougher security model than the Unix model or even the 
> SELinux model to stop the virus and zombie infections that we're seeing 
> in the Windows world.  Things like NX that prevent or complicate buffer 
> overflow attacks may be more useful.

They serve very different purposes.  NX tries to help protect against certain
kinds of code flaw attacks. SELinux models can also try and protect users 
against themselves.

>    If,  for instance,  I can find a way to execute arbitrary code in 
> Firefox or Thunderbird,  I can install something on your computer that 
> runs as you.  It can perpetuate itself by putting itself in your 
> .profile or in a cron job.  It can make socket connections to anywhere,  

If the SELinux ruleset is right then except for the outgoing connections that
isnt clear. 

Alan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]