SELINUX - Why?
Mike McCarty
mike.mccarty at sbcglobal.net
Wed Jul 27 20:52:53 UTC 2005
Les Mikesell wrote:
> On Wed, 2005-07-27 at 14:24, Mike McCarty wrote:
>
>
[snip]
>>Since the issue of how the "malware" gets onto my machine
>>is completely bypassed, I consider the answer given in the
>>FAQ to be, well, significantly incomplete.
>
>
> "Unknown vulnerabilities" are a reasonable assumption for any code. Over
> the years many have been found and fixed in programs included in
> Linux distributions. The most common involve buffer overflows
> that allow something sent over the network to be executed
> accidentally by a program that was supposed to be doing
> something else.
I am aware of the Internet Worm.
>>And augmenting the answer with "We don't know how it might
>>get onto your machine" is, IMO, not an adequate answer. It
>>begs the question.
>
>
> No, you should expect your software to include bugs. It is
> impossible to prove that it doesn't.
Which is precisely the reason for my question. The more
software I introduce into my machine, the more places there
are for exploitable defects.
>>What I mean is, I ask "Why should I run selinux?" The answer
>>then seems to be "We don't know, but if you don't bad things
>>might happen to your system due to malicious programs."
>
>
> A better question is why you should not apply the same logic to
> the relatively new code in selinux. That is, assuming you
> should not completely trust code that has been around for
> a long time and has had bugs exposed and fixed may be reasonable,
> but then why should you trust selinux not to introduce new bugs
> and vulnerabilities of its own?
>
I made this point in another post at one time, about having
to keep after my engineers (when I was a lead) not to introduce
"features" not in the requirements spec. Just more places
for defects to hide.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list mailing list