| |||||||||||||
CloudLinux busted — twiceCloudLinux busted — twicePosted Jul 5, 2012 19:05 UTC (Thu) by BenHutchings (subscriber, #37955)In reply to: CloudLinux busted — twice by wazoox Parent article: CloudLinux busted — twice
They are following the reliable methodology of security through obscurity. If you hide the source code for the module, no-one can work out how to subvert it. Simple! We should apply this to all the LSMs too!
(Log in to post comments)
CloudLinux busted — twice Posted Jul 6, 2012 5:53 UTC (Fri) by Cyberax (✭ supporter ✭, #52523) [Link]
SELinux people have an even better idea!
They give you away the source code, but make sure that once you start reading it you go mad before you even start thinking about subverting it.
CloudLinux busted — twice Posted Jul 6, 2012 11:58 UTC (Fri) by spender (subscriber, #23067) [Link]
Seems someone forgot the history of LSM and Crispin Cowan ;) That's exactly what WireX wanted to do with LSM, a goal that influenced its design.
In case you forgot how that one went down, much to Crispin's chagrin:
-Brad
|
|||||||||||||