NSA motives

Stephen Smalley sds at tycho.nsa.gov
Tue Jul 5 16:14:42 UTC 2005


On Tue, 2005-07-05 at 10:42 -0500, alex at milivojevic.org wrote:
> Sorry, it wasn't my intention to blame the messenger.  All I wanted to say (and
> as usual badly expressing myself) was that making a system secure is a complex
> task.  Simply having SELinux enabled on the system does not make the system
> ultimately secure.  Making changes to default policies without fully
> understanding what the changes will introduce just makes it even less secure.
> 
> Example: On several Linux-end-users type of lists I already saw posters with
> good intentions giving advice to include this or that rule into the policy to
> solve various problems, just to have other people screaming in replies that
> those including such rules into their policy could just as well disable SELinux
> completely with about the same effects.
> 
> If somebody Googles around to find a solution to the specific problem and finds
> advice to do "chmod -R a+rw /", (s)he is not likely to actually do it.  On the
> other hand, there are many more people that will include some random set of
> rules into their SELinux policy, giving application(s) way more access than
> they really need.  Nothing to do with SELinux as such, and it would be wrong to
> blame it.  But rather with human nature (which is the weakest link of any
> security system).

Yes, understood.  And as I say, there is ongoing work to make (correct)
policy configuration much more accessible to typical end users.

-- 
Stephen Smalley
National Security Agency




More information about the fedora-selinux-list mailing list