Am 05.09.2013 23:58, schrieb Javier Perez: > I know SELinux is not about encryption, it is about limiting access to the > system AFTER a breach has ocurred. (That > is my understanding AFAIK, and that is why I think it is a good idea)
well, so *why* do you refer to an article about encryption > My beef is given the NSA origin of this software, It could very well have a > backdoor to turn itself off under the > appropriate circumstances like an NSA-sponsored breach an allow unrestricted > access to my system "could very well" is not any qualified statement - it is FUD > I know it is a long shot and a lot of paranoid-think, after all, if I have to > depend on SELinux to defend my system > from external breaches, I am F*ck up already. says who? > Attackers should first have to breach the firewall and then obtain some sort > of user access *what* has a firewall to do with a potential buffer overlow in running code resulting in execute inujected code on your system - that's what SElinux is about may i suggest to learn basics about the different layers of a operating system before read random completly unrelated articles and speard FUD based on them without understan dwhat they are talking about? > then trick the system to scalate it to a root access before SELinux comes > into play may i suggest to learn how SElinux works it is supposed to prevent exactly this > But again, It is good to know that all links in the chain to being pawned > are good and strong before trusting them, and this article certainly throws > some mud to whatever contribution NSA has made to any security system without any specified backround it is uneducated FUD no tmore and not less
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
