Posted Sep 24, 2004 2:29 UTC (Fri) by walters
In reply to: Complexity
Parent article: An introduction to SELinux
You didn't try to explain transitioning. But really there are so many problems with this scheme it's hard to know where to start. And even if it all sort of worked, it wouldn't be good enough for me. For one thing, it's still totally screwed if there's an exploitable setuid root program. Also any system service running as root, once cracked, compromises the entire system.
I just don't think anyone is really interested in a halfway solution to security like this.
to post comments)