Full Disclosure mailing list archives
Re: Internet has vuln.
From: Steve Wray <stevedwray () gmail com>
Date: Thu, 12 Sep 2013 08:57:55 +0800
I'm wondering how much of the industry/community is going to be in denial. In some cases it could be quite difficult to disengage from NSA-influenced projects, eg selinux. So far as I can tell this is pretty much everywhere now. Redhat embraced it ages ago, its been integrated in the kernel since 2.6, so how do we opt out of selinux? Are instructions like "you just need to edit the kernel boot line, usually in /boot/grub/grub.conf, if you're using the GRUB boot loader. On the kernel line, add selinux=0 at the end." just laughable? The code is in the kernel therefore the kernel is (potentially) compromised, right? Are there any kernels available after 2.6 with no selinux? How easy or difficult would it be to strip it out? Hardware devices that are running Linux kernels, do they have the selinux code in them? I'm pretty sure that a lot of people are going to throw their hands up in despair at this kind of thing and say "but its open source, its been verified and checked by people around the world, surely it can be trusted."
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Internet has vuln. coderman (Sep 06)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. Steve Wray (Sep 12)
- Re: Internet has vuln. coderman (Sep 12)
- Re: Internet has vuln. coderman (Sep 12)
- Re: Internet has vuln. Valdis . Kletnieks (Sep 12)
- Re: Internet has vuln. Jeffrey Walton (Sep 12)
- Re: Internet has vuln. Valdis . Kletnieks (Sep 13)
- Re: Internet has vuln. Justin Ferguson (Sep 13)
- Re: Internet has vuln. Jeffrey Walton (Sep 13)
- Re: Internet has vuln. Justin Ferguson (Sep 13)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. coderman (Sep 11)
- Re: Internet has vuln. Tracy Reed (Sep 13)
- Re: Internet has vuln. Steve Wray (Sep 14)