NSA motives

Stephen Smalley sds at tycho.nsa.gov
Tue Jul 5 14:30:39 UTC 2005

On Tue, 2005-07-05 at 06:07 +0200, Peter Magnusson wrote:
> When was SELinux included in the mainline Linux 2.6, what version?

2.6.0-test3.  And the LSM framework, which we helped to develop, was
merged during the 2.5 development series, starting with 2.5.27 iirc.

> I feel that its interesting that NSA, famous for spying on other nations, 
> is helping to make linux more secure. Isnt that counterproductive? :)

See http://www.nsa.gov/selinux/info/faq.cfm#I10 

> What if some with evil reasons uses SELinux? Or have NSA realized that the 
> old tactic doesnt work and its better to secure so many systems as possible 
> instead. To help millions to have a more secure system is worth more than 
> to possible prevent a few bad guys to also have secure systems. Probably 
> leading that it will be more complicated or impossible for NSA to break in?

Improving the security of COTS (commercial off the shelf) systems is
necessary to meet the security needs of our customers.  Yes, there is
the potential for abuse, but such tradeoffs are inevitable.

> Im sure NSA would love to have backdoor to SELinux if someone with evil 
> reasons (what NSA thinks is evil) uses SELinux. Since SELinux is open 
> source it cant be something obviously because it will be found very 
> quickly. Must be something that its really, really well hidden.

That would be a rather foolish strategy, given that SELinux is
publically associated with NSA and the code is open.

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list