Full Disclosure mailing list archives
Re: Internet has vuln.
From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 12 Sep 2013 18:23:53 -0400
On Thu, Sep 12, 2013 at 3:23 PM, <Valdis.Kletnieks () vt edu> wrote:
On Thu, 12 Sep 2013 08:57:55 +0800, Steve Wray said:In some cases it could be quite difficult to disengage from NSA-influenced projects, eg selinux. So far as I can tell this is pretty much everywhere now. Redhat embraced it ages ago, its been integrated in the kernel since 2.6, so how do we opt out of selinux?Well, given that SELinux *did* come out of the NSA, but has had tons of code review of the base code (which isn't really all that much) and the actual policy files (which is where I'd hide a backdoor, they're a lot more obscure than the actual kernel code), by lots of people who would have *loved* to be the one who caught the NSA doing something underhanded, I think you're barking up an entirely incorrect tree.
They ignored my comments on fixed size arrays based on MAX_PATH and the subsequent overflows and silent truncations due to use of sprintf and snprintf.... Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Internet has vuln. coderman (Sep 06)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. Steve Wray (Sep 12)
- Re: Internet has vuln. coderman (Sep 12)
- Re: Internet has vuln. coderman (Sep 12)
- Re: Internet has vuln. Valdis . Kletnieks (Sep 12)
- Re: Internet has vuln. Jeffrey Walton (Sep 12)
- Re: Internet has vuln. Valdis . Kletnieks (Sep 13)
- Re: Internet has vuln. Justin Ferguson (Sep 13)
- Re: Internet has vuln. Jeffrey Walton (Sep 13)
- Re: Internet has vuln. Justin Ferguson (Sep 13)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. Tracy Reed (Sep 13)
- Re: Internet has vuln. Steve Wray (Sep 14)