
Compartmentalized computing with CLIP OS

Posted Oct 29, 2018 19:31 UTC (Mon) by SEJeff (guest, #51588)
Parent article: Compartmentalized computing with CLIP OS

This sounds a lot like a modern version of the NSA's Flask Security Architecture (of which the result was in fact SELinux) to provide Information Assurance guarantees enforced at the kernel level:

https://www.usenix.org/conference/8th-usenix-security-sym...



Compartmentalized computing with CLIP OS

Posted Oct 30, 2018 9:29 UTC (Tue) by ortalo (guest, #4654)

I agree it is the same kind of sound, yes. But while "SE" led to very low level (and possibly very difficult to use) mandatory mechanisms, I have the feeling that "CLIP" may lead to very coarse-grained (possibly dual confidentiality level-only) use cases that may only be useful in specific contexts.
Like when intelligence analysts are browsing the public (dark)web while writing governmental reports; and the commander is paranoid about viruses revealing secret information on ministers' mistresses (before they publish a book themselves).
I am not so optimistic that these mechanisms can be useful in the general case; but I really welcome the move towards doing the development of the next version in the open.

Compartmentalized computing with CLIP OS

Posted Oct 31, 2018 14:09 UTC (Wed) by marcH (subscriber, #57642)

> But while "SE" led to very low level (and possibly very difficult to use)

Not difficult at all, look: https://www.google.com/search?q=disable+selinux (over 1 million hits!)

In *some* situations disabling SELinux can make the system... more secure by removing the false sense of security provided by an obviously misconfigured solution.

Knowing where it came from, I've always wondered if anyone involved in the design actually expects SELinux to be frequently misconfigured.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds