On Sep 24, 2007, at 1:24 PM, John Stumbles wrote:

> Manoj Srivastava wrote:
>> On Sun, 23 Sep 2007 17:13:59 -0700, consultores agropecuarios
>> <[EMAIL PROTECTED]> said:
>>> The real problem with SELinux is that it comes from a really well-known
>>> untrusted organization around the globe;
>> This is one place I differ.  I know and like Stephen Smalley,
>> and I do not look at all the products of the NSA as being, umm,
>> untrustworthy. And it is not as if it is closed source; gazillions of
>> security-conscious eyes have looked at the offering.
>
> "To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software."
>
> http://cm.bell-labs.com/who/ken/trust.html

The interesting thing about this example is it's very clever and hard to detect -- but only if everyone is using a compiler binary that was itself built with a trojaned binary. This is where the "many eyes" theory comes in. The moment someone uses a non-trojaned compiler to compile the source code, the chain is broken.

So, if the concern is that SELinux may have a hidden trojan that is being perpetuated by it somehow slipping something into GCC's output on-the-fly, the obvious solution would be to build your SELinux kernel on a machine that isn't itself running SELinux.

But if you're worried that the NSA is targeting you, you've got a lot of more serious concerns. Your monitor is radiating signals that can be picked up and decoded. So are your network cables. And of course your Internet connection is easy to tap. You'd really better disconnect from the Internet and start building a Faraday cage, if you want to be safe.
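
The point above about a non-trojaned compiler breaking the chain is the basis of the check David A. Wheeler later named diverse double-compiling. A toy model of that check follows as an added illustration, not part of the original message; the `Binary` class, its fields and the source names are constructed for the example.

```python
from dataclasses import dataclass

# Constructed names for this toy model; they stand for source trees, not real files.
COMPILER_SRC = "cc-source-v1"          # audited source of the compiler under test
OTHER_SRC = "independent-cc-source"    # source of an unrelated, trusted compiler

@dataclass(frozen=True)
class Binary:
    implements: str       # source whose behaviour this binary carries out
    codegen: str          # compiler whose code generator laid out the bits
    trojan: bool = False  # hidden self-propagating logic absent from every source

    def compile(self, source: str) -> "Binary":
        """Run this compiler binary on `source` and return the output binary."""
        # A trojaned binary re-inserts itself only when it recognises the compiler source.
        carries = self.trojan and source == COMPILER_SRC
        return Binary(implements=source, codegen=self.implements, trojan=carries)

def self_rebuild_matches(suspect: Binary) -> bool:
    """Naive check: rebuild the compiler with itself and compare bit-for-bit."""
    return suspect.compile(COMPILER_SRC) == suspect

def ddc_matches(suspect: Binary, trusted: Binary) -> bool:
    """Diverse double-compiling: bootstrap from an independent compiler instead."""
    stage1 = trusted.compile(COMPILER_SRC)  # same behaviour, different bits
    stage2 = stage1.compile(COMPILER_SRC)   # bits now depend only on the source
    return stage2 == suspect

trusted = Binary(implements=OTHER_SRC, codegen=OTHER_SRC)
clean = Binary(implements=COMPILER_SRC, codegen=COMPILER_SRC)
trojaned = Binary(implements=COMPILER_SRC, codegen=COMPILER_SRC, trojan=True)

if __name__ == "__main__":
    for name, suspect in (("clean", clean), ("trojaned", trojaned)):
        print(name, "| self-rebuild ok:", self_rebuild_matches(suspect),
              "| DDC ok:", ddc_matches(suspect, trusted))
```

Both binaries reproduce themselves when rebuilt with themselves, so only the comparison against the independently bootstrapped stage 2 separates them.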



