LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security in the 20-teens

Security in the 20-teens

Posted Feb 4, 2010 10:12 UTC (Thu) by dgm (subscriber, #49227)
In reply to: Security in the 20-teens by dlang
Parent article: Security in the 20-teens

Exactly what purpose would this be useful for?

(Log in to post comments)

Security in the 20-teens

Posted Feb 4, 2010 20:39 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]

way back up the thread the statement was made that using SELinux for many processes on one machine was as secure as having the processes on separate machines separated by firewalls.

This is an example of capability that you could have to filter communication between apps on different machines that you do not get with SELinux securing things on one machine.

as for what this would be useful for.

if you have apps that expect things to be text files and throw arbitrary binary data at them you may find a flaw in them and be able to do things as the owner of that process. If you make sure that such bad data can not get to the app you eliminate an entire class of exploits.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds