Vulnerability Development mailing list archives

Re: The NSA's Security-Enhanced Linux


From: Neal Dias <NDias () SUNGLASSHUT COM>
Date: Sun, 24 Dec 2000 12:32:05 -0600

"Scott D. Yelich" <scott () SCOTTYELICH COM> wrote:

It frightens me to think that anyone would
trust linux :-> but, alas, who knows. Maybe if enough sugar is
poured on top, it just won't continue to smell so bad.

That's a pretty strong statement wouldn't you say? Sounds to me as if you
wouldn't advocate linux in ANY circumstance. Am I reading and interpreting
it wrong? To say that something stinks, and maybe adding features to it will
improve the smell, sounds like you think it's "a bad thing" at its core.

You seem to be backpedaling here.

Did I ever mention out of the box security of Solaris, linux or windows?
It seems to me that most systems need quite a bit of "fixing" if not a
whole heck of a lot of configuring.

Actually you did:
"...is not attempting to be a demo -- such as Pitbull (solaris?)?"

Any OS, including Solaris, if not properly configured is not an OS I would
consider as "secure", and that would include something like Pitbull. As far
as I'm aware and correct me if I'm wrong, with proper configuration and
documented auditing, Pitbull is a secure and trusted system, but not "out of
the box". I wouldn't "trust" ANYTHING "out of the box."

Anyway, what closed OS are you referring to?  Solaris is hardly closed.
At least, it's a whole heck of a lot more open than mickeysoft,
until/unless some jokers release the code they might have stolen
from mickeysoft.

Since when? Ok, Solaris IS opening up, but that is a recent occurrence. It
has traditionally been just as closed as any other OS, and I would include
it with MS in that category.

And for your original question:

Seems like this is a "demo" ...  would anyone be able to compare this
system to a system that is not attempting to be a demo...

Did you read through the website? They for the most part answer that
question, the quotes below taken from the link provided in the original
posts, and other pages on that site.
www.nsa.gov/selinux/background.html

 "This work is not intended as a complete security solution for
 Linux..."


 "...it is simply an example of how mandatory access controls
 that can confine the actions of any process, including a
 superuser process, can be added into Linux."

 "There is still much work needed to develop a complete security
 solution."

 "we feel we have presented a good starting point to bring
 valuable security features to Linux. We are looking forward to
 building upon this work with the Linux community."

 "There is still significant work ahead to provide mandatory
 access controls for all kernel services and to provide a
 complete general purpose security policy configuration."

 "It is expected that research in the above-identified areas of
 technology will continue."

 "Security-enhanced Linux is being released under the conditions
 of the GNU General Public License (GPL). The release includes
 documentation and source code for both the system and some
 system utilities that were modified to make use of the new
 features. Participation with comments, constructive criticism,
 and/or improvements is welcome."

 Seems to me from reading through the website that this is not a
 demo, and more than a proof of concept, it appears to be a
 continuing work with working source provided.

 You also ask:

Will it one day mutate into something that is trustable?

 I guess that remains to be seen, however they seem to have made
 a substantial step in the right direction and provided us with
 a working basis.

Will they trust NSA code?

 Well, they've provided the source for review, published it
 under the GPL and invited participation and improvement, so to
 a point it's no longer their code but the community's, so I
 guess the question is whether or not we can trust the
 community's code. To which I answer once again, nothing is
 "trusted" without proper auditing, evaluation and review, and
 even then, taken with a grain of salt.

In the eyes of the government and these agencies, it's the good guys
(ie: them) vs the bad guys (ie: that'd be anyone who's not them, and
perhaps even themselves).  To me, that's a very scary mentality.

 Unfortunately this is a mentality that they've come by the hard
 way. There are reasons that things are classified, with "need
 to know" restrictions. There are reasons the government boys
 are paranoid about such things. And they've learned by
 experience. It's too bad that we can't simply trust people, but
 we can't and they know this. Which is why so many things in the
 intelligence field are compartmentalized, with people only
 knowing what they need to know. Is this the best way to
 operate? It's not optimal, but when there are national security
 issues at stake, where mistakes can mean the loss of real
 people and assets, not just data, it's the way it's gotta be
 done.

 As Michael Warfield made references to, I'm sure an agency like
 the NSA LOVES the idea of having an OS that they have the
 source to. Think about how much trust is involved in an agency
 like that when they have to go to an outside source for their
 operating systems. In their shoes, using something like linux
 would make a LOT of sense. I for one am pleased to see that the
 work they are doing on a secure linux has been put out for
 review and improvement. Once again, I'm just reiterating
 Michael here, but they are contributing to the code base,
 making available their work to the community, whereby both the
 community and the NSA will benefit. Very forward thinking for
 an agency that traditionally hasn't been so.

 Please note that I do not, nor have I ever, worked for any
 government agency, therefore my comments above concerning
 mentality and methods of operation should be construed strictly
 as personal opinion, I am not speaking from experience, only
 observation.




Neal Dias

UNIX Systems Administrator
Sunglass Hut International, MIS Dept.
office: (305) 648-6479
mobile: (786) 368-5742
wk. email: NDias () sunglasshut com
pvt. email: emperor.1 () netzero net


*******************************************************************************

Whoever fights monsters should see to it that in the process he does not
become a monster. And when you look into an abyss, the abyss also looks
into you. -Nietzsche

Any opinions expressed above or below are entirely my own and may not
reflect those of my employers.


