Erm...
it's called SE-Linux
Modules for SE-Linux have been present in the Kernel for over 5 years
There's absolutely no point in scare-mongering
(not least cause you're 5 years late)
but more importantly, you can't hide "back doors" in open source software
I'd be more suspicious of back doors in Windows, than SE-Linux
At any one time, you don't know what Windows is doing
Anyway,
The idea was to extend basic *nix file permissions to incorporate mandatory access controls
The story, as I understand it, is:
- In 1998 the NSA started a complete overhaul of their computer systems. going from proprietary UNIX systems to Linux
They chose Linux as it offered the best features and security
plus, being open source, they could customise is to their own needs
- Linux lacked MAC security policies (which the NSA wanted), so the NSA wrote some kernel modules to fill the role
- In 2000 (presumably after extensive testing was completed), they released the modules to the Linux community - Kernels compiled with the NSA modules were dubbed Security Enhanced (SE) Linux
- In 2003, the modules were merged into the main-line kernel
If you don't like it, there's AppArmor as well, which does the same thing
(a few people complained that SE-Linux was overly complicated & difficult to implement for bog standard systems - so AppArmor was written to achieve the same goals as SE-Linux, but highly simplified)
|
|
Bookmarks