On Sat, Sep 22, 2007 at 07:45:57PM +0300, Ihar Hrachyshka wrote:
> What part of SELinux is NOT Unix? Remember that all traditional Unix
Insofar as that ls -la shows them, yes. In the sense that files actually
work that way, `usually'.
> > Additionally, it's not entirely clear whether it actually helps;
Root almost always can gain complete control over the system anyway, so
that's not a big issue.
Also see my comments below.
Still, yes, SELinux can be - rarely - used to solve problems for which
no clean UNIX-ish solution exists. Far too often, though, it's thought
of as a magic bullet, which it certainly is not.
> > SELinux configuration is, even at its best, a lot more complex than the
Yes, but not all code is created equal. Layering a second permission
layer into the system integrates closely with all other security
mechanisms, which is more dangerous than yet another driver.
Additionally, it's completely the wrong way to go about securing a
system. The best way not to have any vulnerabilities is not to have any
vulnerabilities; stuff like SELinux, Pax, or W^X is cool, but not a
substitute for good programming. An OpenBSD system running properly
chosen and secured programs without W^X is almost as secure as one with
it. I'd argue the same goes for a Linux system running a haphazard
collection of badly-out-of-date, unpatched monstrosities with or without
SELinux.
Finally, SELinux is almost never necessary. (But it *is* - rarely -
useful.) And takes a lot of time, which is usually better spent doing
something actually useful - like log monitoring.
Joachim
--
TFMotD: packages-specs (7) - binary package names specifications
