Fedora Core 2 Test 2 - delayed
Stephen Smalley
sds at epoch.ncsc.mil
Fri Feb 27 13:15:36 UTC 2004
On Fri, 2004-02-27 at 07:54, Leonard den Ottolander wrote:
> How well scrutinized is this NSA code actually? Everybody can see they
> won't slip in an obvious backdoor, but how about nasty little overflows,
> tucked away deep inside the code, for which they already have exploits
> in their drawer?
The SELinux kernel module went through the usual review process on
lkml. Further code audit of the SELinux userland patches and new
userland packages is certainly welcome; we are certainly capable of
making mistakes too, but no, there is no intentional introduction of
vulnerabilities.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-devel-list
mailing list