| |||||||||||||
CloudLinux busted — twiceCloudLinux busted — twicePosted Jun 28, 2012 11:55 UTC (Thu) by wazoox (subscriber, #69624)Parent article: CloudLinux busted — twice
Is it me, or does the whole CloudLinux marketing blurb make it looks like a sham? Increase stability by enforcing limits through a poorly written proprietary kernel module? What is the technical logic supporting that?
(Log in to post comments)
CloudLinux busted — twice Posted Jul 5, 2012 19:05 UTC (Thu) by BenHutchings (subscriber, #37955) [Link]
They are following the reliable methodology of security through obscurity. If you hide the source code for the module, no-one can work out how to subvert it. Simple! We should apply this to all the LSMs too!
CloudLinux busted — twice Posted Jul 6, 2012 5:53 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link]
SELinux people have an even better idea!
They give you away the source code, but make sure that once you start reading it you go mad before you even start thinking about subverting it.
CloudLinux busted — twice Posted Jul 6, 2012 11:58 UTC (Fri) by spender (subscriber, #23067) [Link]
Seems someone forgot the history of LSM and Crispin Cowan ;) That's exactly what WireX wanted to do with LSM, a goal that influenced its design.
In case you forgot how that one went down, much to Crispin's chagrin:
-Brad
|
|||||||||||||