|
|
Log in / Subscribe / Register

Walsh: Introducing the SELinux Sandbox

Walsh: Introducing the SELinux Sandbox

Posted May 29, 2009 1:14 UTC (Fri) by hozelda (guest, #19341)
In reply to: Walsh: Introducing the SELinux Sandbox by nix
Parent article: Walsh: Introducing the SELinux Sandbox

nix, I think you are basically correct, but an attack on a FOSS system is complicated by the fact that users can take active steps at any time to help thwart attacks. These users have a lot more information at their fingertips than those who don't have source code nor an ability to controllably change their system around whenever they feel it is necessary.

It's ridiculous how vulnerable you are when you depend fundamentally on information others are keeping secret from you.

to post comments

Walsh: Introducing the SELinux Sandbox

Posted May 29, 2009 7:03 UTC (Fri) by nix (subscriber, #2304) [Link]

Yes. Hell, even if they don't know the attack class and can recompile
everything, they can simply randomly perturb their system
(function-neutral changes to ABI, say) or change their architecture:
security through obscurity may be an ugly hack but the number of people
launching attacks on old MIPS boxes is minimal :)


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds