Walsh: Introducing the SELinux Sandbox

Who do you believe doesn't know better that was addressed by Red Hat? And since when has the air been that good at preventing information from propagating?

Most customers fairly serious about security who would take any vendor's word on perfection would seek out certifications "just to be safe." [And note that many customers have claimed to value security yet have taken the word of vendors that keep their systems closed source!]

And even with certifications, look at what can happen: http://cryptome.org/ed-curry.htm . Customers may "want" security, but most apparently speak a different language when it comes to making purchases so are willing to trust vendors and look the other way.

Anyway, for the sake of approaching intellectual honesty, the SELinux vendors (and everyone) should consider telling the whole story [and closed source vendors should stop trying to push their wares on security conscience buyers since they aren't even willing to meet the basics of transparency and peer review].