Posted Nov 26, 2004 5:10 UTC (Fri) by spender
In reply to: Civilizing SELinux
Parent article: Civilizing SELinux
Congratulations on your attempt at a rebuttal by "context destruction." Yes, the context of the above quote was what you said. "There is very little that exploit can actually do." The author then lists in the next sentence what that exploit could do IN THE WORST CASE. Nothing in your text refutes this. You're just trying to attack a straw man because you know you're wrong here. Unless you really believe that the worst case, as the author claims, is that dns replies could be modified.
Also, you speak as if some other system isn't implementing things that aim to stop kernel exploits. Apparently your vast security knowledge has overlooked the RANDKSTACK and KERNEXEC features of PaX. Maybe RedHat will rip these off 3 years from now too and take credit for them.
I've looked at the current policies for SELinux in Fedora Core 3, thanks. If you think they'll actually protect a server, you're seriously deluded. Stop drinking the SELinux kool-aid.
Does RedHat buy exploits for their own code?
If so, how much would RedHat pay for information on an information leaking vulnerability in SELinux for a physical, local user?
I've sold all my Exec-Shield exploits (that still work!), otherwise I'd offer those as well ;\
to post comments)