Slashdot Mirror

← Back to Stories (view on slashdot.org)

Did MS Lobbying Stop NSA Work On SELinux?

Posted by timothy on from the this-foil-hat-is-extremely-comfortable dept.

inquisitive points to this CNET story on how George Wash Univ. may help Linux gain certification under the Common Criteria, certification required for software to be used in some sensitive government roles. In the same story, though, is an interesting quote from another effort at bringing GPL'd software to the public sector: "'We didn't fully understand the consequences of releasing software under the GPL (General Public License),' said Dick Schafer, deputy director of the NSA. 'We received a lot of loud complaints regarding our efforts with SE Linux.'" Sources familiar with events said that aggressive Microsoft lobbying efforts have contributed to a halt on any further work. 'Microsoft was worried that the NSA's releasing open-source software would compete with American proprietary software,' said a source familiar with the complaints against the NSA who asked not to be identified."

3 of 549 comments (clear)

  1. US Gov simply cannot release stuff under GPL. by phkamp · · Score: 4, Informative
    It's really very simple:

    To release source code under the GPL, you have to hold the copyright to the code.

    The US Government (in this case represented by NSA) cannot hold a copyright, the law does not allow for it.

    No copyright, no GPL, end of story.

    But I have no doubt that M$ whined too.

    --
    Poul-Henning Kamp -- FreeBSD since before it was called that...
    1. Re:US Gov simply cannot release stuff under GPL. by phkamp · · Score: 4, Informative
      Here is the actual chapter and verse:

      17USC 105. Subject matter of copyright: United States Government works

      Copyright protection under this title is not available for any work of the United States Government, but the United States Government is not precluded from receiving and holding copyrights transferred to it by assignment, bequest, or otherwise.

      --
      Poul-Henning Kamp -- FreeBSD since before it was called that...
  2. It's the applications, stupid by Animats · · Score: 4, Informative
    Most of you miss the point about SELinux. It's not an attempt to build something NSA would consider a secure system. It's a prototype on which apps can be written which might, someday, run on a system with mandatory security policies.

    Writing server-type apps to live within the constraints of a mandatory access policy is tough. (Look at how much crap runs as root because people can't make it live within the UNIX permission structure, which is far less restrictive.) But it's the only approach that works, because the applications aren't trusted.

    If you want to help, make some major application, like a mail program, work under SELinux, with as little trusted code as possible. Somebody was doing this for an FTP server, but those are of limited use. A mail server on SELinux would actually be useful.