Posted Sep 23, 2004 13:42 UTC (Thu) by walters
In reply to: Complexity
Parent article: An introduction to SELinux
I would love to see an article that criticizes the SELinux approach systematically, [...] Surely someone can (or has?) stated the case forcefully.
I don't think such an article exists, because the fundamental concepts behind SELinux aren't new. They've been around for decades. SELinux just builds on those decades of secure systems research to create an implementation for Linux.
I think that a better path from Linux today to a more secure, compartmentalized system would make more flexible use of the basic unit of unix access control, the user id.
The Linux uid-based access control is discretionary, meaning if you own an object you can do whatever you like to it. That makes restricting programs to least privilege much more difficult.
Fundamentally, you need a new system.