LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Relicensing and rebasing LibreOffice

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Walsh: Introducing the SELinux Sandbox

Walsh: Introducing the SELinux Sandbox

Posted May 27, 2009 23:26 UTC (Wed) by jamesmrh (guest, #31622)
In reply to: Walsh: Introducing the SELinux Sandbox by PaXTeam
Parent article: Walsh: Introducing the SELinux Sandbox

Ok, perhaps I should clarify and always include the caveat that SELinux cannot be expected to protect against kernel vulnerabilities, because it is part of the kernel.

There will always be the possibility of kernel security holes, because:

- all software has bugs
- the kernel is software
- some bugs are security holes

this will *never* not be the case.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds