How Secure is SELinux?

cryptonix asks: "After reading this story on the latest release of SELinux, I wonder how secure it really is? Not that I question the NSA's knowhow in security related matters, but has there been any serious testing on it? What features would you like to see added and what aspects need improving?" The only way to really determine how secure something is, will be to put it out in the wild and see how well it stands up to the greatest test of all: time. SELinux probably hasn't had that much time out there yet, since isn't quite a year old yet, so it might be interesting to revisit this question in a couple of years. Until then, how has SELinux stood up to the personal testing of those of you out there who have used it?

Re:Your admin makes the difference

[The+Slashdolt]

It's really not the String class that prevents buffer overflows in Java. It's the fact that array's are objects, and not pointers to blocks of memory. An array of any type has a member called length that can tell you how long it is. Any attempt to write beyond length will throw an ArrayIndexOutOfBounds Exception instead of just being able to stomp on adjacent memory areas.

Also, in Java there are no pointers. You have references(similar but not the same). There is no way to point to memory directly, only objects.