Slashdot Mirror
How the NSA Took Linux To the Next Level
An anonymous reader brings us IBM Developerworks' recent analysis of how the NSA built SELinux to withstand attacks. The article shows us some of the relevant kernel architecture and compares SELinux to a few other approaches. We've discussed SELinux in the past. Quoting:
"If you have a program that responds to socket requests but doesn't need to access the file system, then that program should be able to listen on a given socket but not have access to the file system. That way, if the program is exploited in some way, its access is explicitly minimized. This type of control is called mandatory access control (MAC). Another approach to controlling access is role-based access control (RBAC). In RBAC, permissions are provided based on roles that are granted by the security system. The concept of a role differs from that of a traditional group in that a group represents one or more users. A role can represent multiple users, but it also represents the permissions that a set of users can perform. SELinux adds both MAC and RBAC to the GNU/Linux operating system."
You can read a EULA too, but how often do people do that? Now lets think here... How many Linux sysadmins are proficient in C (i.e. have at least the knowledge contained in K&R)? Of those, how many have enough knowledge to understand kernel code? Of those, how many have the spare time to do so? And of those, how many will bother? And of those, how many will build the OS from source to ensure that the binaries aren't compromised? Just because something is open source doesn't necessarily mean it's safe. I'm not saying I think there is or is not a devious plot here.. But I am saying that you shouldn't assume that open source code cannot be malicious.
- that the NSA hasn't planted a backdoor somewhere in the code? Isn't that what they wanted in windows? I know it is OSS, but it is still a lot of code, and inspecting it all is a bit beyond me.