Vulnerability Development mailing list archives
Re: The NSA's Security-Enhanced Linux
From: M Schubert <schubert () fsck org>
Date: Fri, 22 Dec 2000 09:12:54 -0800
Seems like this is a "demo" ... would anyone be able to compare this system to a system that is not attempting to be a demo -- such as Pitbull (solaris?)? It frightens me to think that anyone would trust linux :-> but, alas, who knows. Maybe is enough sugar is poured on top, it just won't continue to smell so bad. Scott
I wouldn't say that its' a demo (it isn't). It's more a proof-of-concept or beta. I would hope that people keep in mind that they are pitching their enchancements as simply a "security enchancemed linux" not to be confused with "trusted linux". Being able to feel warm and fuzzy that your box is secure is not the same feeling of a trusted box (pitbull, trusted solaris, trusted aix, trusted irix, hp-ux vault?). Even with trusted OS features, it can't be trusted without _documented_ auditing performed. But I do share your concern about linux security-enchancements in general... my fear is that there is very little done in the auditing field of this code (it is done no doubt, but not to the intensity or the organization of OpenBSD) -- -- M. Schubert - mschuber () uci edu -- Security Specialist - michaels () lightspeedsystems com -- Sys Admin - schubert () fsck org
Current thread:
- The NSA's Security-Enhanced Linux Ralf-Philipp Weinmann (Dec 21)
- Re: The NSA's Security-Enhanced Linux Scott D. Yelich (Dec 22)
- Re: The NSA's Security-Enhanced Linux Michael H. Warfield (Dec 22)
- Re: The NSA's Security-Enhanced Linux Scott D. Yelich (Dec 22)
- Re: The NSA's Security-Enhanced Linux Michael H. Warfield (Dec 22)
- Re: The NSA's Security-Enhanced Linux Michael H. Warfield (Dec 22)
- Re: The NSA's Security-Enhanced Linux M Schubert (Dec 22)
- Re: The NSA's Security-Enhanced Linux Scott D. Yelich (Dec 22)
- <Possible follow-ups>
- Re: The NSA's Security-Enhanced Linux Neal Dias (Dec 22)
- Re: The NSA's Security-Enhanced Linux Neal Dias (Dec 25)
- Re: The NSA's Security-Enhanced Linux Dom De Vitto (Dec 26)
- Re: The NSA's Security-Enhanced Linux Neal Dias (Dec 27)
- Re: The NSA's Security-Enhanced Linux Timothy J. Miller (Dec 28)
- Re: The NSA's Security-Enhanced Linux Scott D. Yelich (Dec 29)
- Re: The NSA's Security-Enhanced Linux M.Schubert (Dec 29)
- Re: The NSA's Security-Enhanced Linux Neal Dias (Dec 29)
- Re: The NSA's Security-Enhanced Linux geoffrey (Dec 29)