oss-sec mailing list archives
Re: CoreOS membership to linux-distros (updated)
From: Nicolas RUFF <nicolas.ruff () gmail com>
Date: Fri, 21 Jul 2017 13:07:57 +0200
A more recent, Android-centered presentation (http://kernsec.org/files/lss2015/vanderstoep.pdf) cites Wikipedia, stating that "[...] the security of an SELinux system depends primarily on the correctness of the kernel and its security-policy configuration", further highlighting the lack of in-depth research.
Not sure if we should derail this thread into a SELinux discussion, but a friend of mine had a look lately and found dozens of implementation issues (none of which got CVE assigned AFAIK): https://github.com/SELinuxProject/selinux/commits?author=fishilico Let's consider this one, it makes you wonder if this code has ever been run: https://github.com/SELinuxProject/selinux/commit/1004a3b3f1885e3138b4818d222fc48930ea7461 - for (i = 0; i < j; j++) + for (i = 0; i < j; i++) semanage_module_info_destroy(sh, &(*modinfo)[i]); Regards, - Nicolas RUFF
Current thread:
- CoreOS membership to linux-distros (updated) Euan Kemp (Jul 18)
- Re: CoreOS membership to linux-distros (updated) Kees Cook (Jul 18)
- Re: CoreOS membership to linux-distros (updated) gremlin (Jul 20)
- Re: CoreOS membership to linux-distros (updated) Greg KH (Jul 20)
- Re: CoreOS membership to linux-distros (updated) Jesse Hertz (Jul 20)
- Re: CoreOS membership to linux-distros (updated) Stiepan (Jul 21)
- Re: CoreOS membership to linux-distros (updated) Nicolas RUFF (Jul 21)
- Re: CoreOS membership to linux-distros (updated) Greg KH (Jul 20)
- Re: CoreOS membership to linux-distros (updated) Solar Designer (Jul 31)
- Re: CoreOS membership to linux-distros (updated) akuster (Aug 01)
- Re: CoreOS membership to linux-distros (updated) Solar Designer (Aug 01)
- Re: CoreOS membership to linux-distros (updated) Johannes Segitz (Aug 02)
- Re: CoreOS membership to linux-distros (updated) Solar Designer (Aug 02)