Dailydave mailing list archives
Re: In defense of Mandatory Access Control, was Re: No more Novell AppArmor?
From: Peter Busser <peter () adamantix org>
Date: Tue, 31 Mar 2009 10:26:36 +0200
Hi,
Of course it's more complex than running everything as root; enforcing least privilege gets more complex the better you do it.
This is the pigglet with the wooden house saying that his house is more secure against the attacks of the wolf than the straw house of the first pigglet. But we all know how smart and well protected the second pigglet really is.
Modern operating systems and applications are inherently complicated. But that doesn't make them an inherently bad idea.
So you are argueing that security must be complex, "Because SELinux is complex". Your claim that SELinux provides 'least privilege' security can be easily dismissed with a long list of examples where it doesn't provide least privilege at all. You also fail to understand the interaction between MAC and DAC. MAC needs DAC to fill in the (big) niches which MAC is unable to do anything about. The very fact that you have to use DAC when you apply MAC is a sure sign that the MAC system you are using is very coarse grained and inflexible.
"Make everything as simple as possible, but not simpler." -- Albert Einstein
The UNIX DAC is so succesfull because it is an intelligent system. True, it is an inadequate intelligent system. It was designed to be used on non-networked machines by trusted users. Both are becoming less common by the day. But it still contains an internal beauty and consistency which makes it the kind of simple system Einstein was talking about. SELinux and other security models like it are lacking in those areas. I predict that in, let's say, ten years noone will use SELinux anymore. The same goes for AppArmor (which is very inadequate by any standard) and systrace (which tries to provide security at the wrong level). Groetjes, Peter. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- In defense of Mandatory Access Control, was Re: No more Novell AppArmor? Travis (Mar 26)
- Re: In defense of Mandatory Access Control, was Re: No more Novell AppArmor? pageexec (Mar 28)
- Re: In defense of Mandatory Access Control, was Re: No more Novell AppArmor? Peter Busser (Mar 31)