Linux Today: Linux News On Internet Time.

SELinux vs. OpenBSD's Default Security

Sep 26, 2007, 18:30 (3 Talkback[s])

"A thread on the OpenBSD-misc mailing list compared the security of SELinux in the 2.6 Linux kernel to what's available in OpenBSD. The general opinion was that SELinux and its policy language are too complex, leading Damien Miller to note, 'every medium to large Linux deployment that I am aware off has switched SELinux off. Once you stray from the default configurations that the system distributors ship with, the default policies no longer work and things start to break.' Ted Unangst summarized, 'the problem with security by policy is that the policy is always wrong...'"

Complete Story

Related Stories: