[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: "Many" happy selinux users nowadays



On Fri, 2007-09-21 at 09:44 +0100, Andy Green wrote:
> Somebody in the thread at some point said:
> > On Fri, 2007-09-21 at 11:47 +0530, Rahul Sundaram wrote:
> >> Ralf Corsepius wrote:
> >>
> >>> If SELinux was transparently working (Which it doesn't on Fedora on many
> >>> situations), nobody would name it "infection".
> >> Pretty much every security solution has had a history of such problems.
> > Well, then better acknowledge these facts and stop reiterating RH's
> > marketing slogans. 
> > 
> > Many Fedora users, have had encounters/clashes with SELinux, so at least
> > this group of people knows that SELinux has not matured to a stage that
> > it is working transparently. We _know_ that SELinux can prevent systems
> > from operating, no matter what RH marketing wants to tell us.
> 
> Well "many" is hard to quantify compared to using it for "many with
> problems" and the completely silent majority I think we will find, of
> "many without problems" nowadays.
No disagreement. 

IMO, it's basically a matter of complexity of an existing installation
which causes SELinux to interfere and cause faults - The essential
question to answer would be: Why does SELinux cause such breakdown.
Fundamental SELinux design flaw? Fedora SELinux policy maintainer
oversight? Lack of maturity? I don't know the answers. Probably
something inbetween all of them.

> > acceptable and usable shape. Still you will find many people who switch
> > firewalls off, on certain situations (I do so on my home network's
> > clients. My server has them turned on).
> 
> It's obviously up to you how you deal with that, but I strongly believe
> that you can't inherently trust machines on any internal network any
> more than those outside.
Absolutely. It's just that I consider my own network and its users to be
sufficiently trustworthy to run these machines without a firewall on
each of them enabled.

It's actually is quite simple. As always when it comes to security,
users need to decide when to compromise between "negligent carelessness"
and "paranoia" and to find a suitable compromise with security measure.

Some people will want to live in an atomic bunker with filtered air, 2
years of food supply in storage and won't leave their home without an
armored guard. Others will want to live naked in a jungle full of
poisonous animals and violent warriors around - Most people won't do
either ;)

It should be up to the user to decide which precautions to take and
which risk they want to tolerate. - SELinux, Firewalls, read-only
file-systems, encrypted file-systems etc. all are aiming into the same
direction.

>   There was an interesting thread about this on
> Full Disclosure the other week with some guy going on about how he would
> heroically jump in the way of any foreign "cyber attack" from boxes in
> $COUNTRY and lend his powers to repelling it, etc.  A guy replied
> shortly pointing out that the attack comes from the machine next to you,
> not some easily identified foreign box.
ACK, the real damaging attacks are caused from inside of a network or
the user himself.

That's the point where at least I perceive SELinux's most noteworthy
achievement to be "self-protection" and "protection against the distro
itself misbehaving" - Not protection against external attackers.

Ralf



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]