| |||||||||||||
Linux security non-modules and AppArmorLinux security non-modules and AppArmorPosted Jun 28, 2007 10:15 UTC (Thu) by mingo (subscriber, #31122)In reply to: Linux security non-modules and AppArmor by dlang Parent article: Linux security non-modules and AppArmor
Note that you did not actually answer to the essence of James' arguments. it boils down to: the architecture of SELinux is there for a reason (and it is well documented), and the answer is not to ignore it and remove the "extra complexity" out of ignorance, but to understand the security issues behind them and provide an alternative solution (if you can). You are in essence putting a chair into the fire-proof door to keep it open permanently, just because you find it inconvenient. Instead of designing an automatic fire-proof door that opens automatically when a human (with the right permission) approaches.
(Log in to post comments)
Linux security non-modules and AppArmor Posted Jun 28, 2007 14:47 UTC (Thu) by jschrod (subscriber, #1646) [Link] Maybe he doesn't need fire-proof doors all the time, but is also not satisfied with a hole in a wall -- sometimes a door itself would be sufficient.
Coming back from your analogy: Implementing "just a door" in SELinux is horrible work, and many users then take the hole in the wall instead, i.e., they shut it off. I see this daily at my customers' installations.
Decisions about security mechanisms are not black and white, like all other security decisions. They are a compromise between effort, risk, and asset value. Sometimes the big hammer SELinux is the tool to use, but there are other situations, too -- and not all of them demand the big hammer.
|
|||||||||||||