[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

SELINUX

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /g/ - Technology
  3. SELINUX
Thread replies: 14
Thread images: 1

Anonymous
SELINUX 2017-05-11 05:59:22 Post No. 60330671
[Report] Image search: [Google]
File: 1478235783780.jpg (189KB, 505x846px) Image search: [Google]
1478235783780.jpg
189KB, 505x846px
SELINUX Anonymous 2017-05-11 05:59:22 Post No. 60330671 [Report]
REDPILL ME ON SELINUX

IS IT THE MOST SECURE LINUX EVER?

pic unrelated
>>
Anonymous 2017-05-11 06:21:31 Post No.60330996
[Report]
Anonymous 2017-05-11 06:21:31 Post No.60330996 [Report]
>>60330671
>MOST SECURE
*as long as offline
>>
Anonymous 2017-05-11 06:44:10 Post No.60331314
[Report]
Anonymous 2017-05-11 06:44:10 Post No.60331314 [Report]
>>60330996
t. cia nigger
>>
Anonymous 2017-05-11 06:45:47 Post No.60331333
[Report]
Anonymous 2017-05-11 06:45:47 Post No.60331333 [Report]
>>60331314
mi6 nigger
>>
Anonymous 2017-05-11 06:52:12 Post No.60331420
[Report]
Anonymous 2017-05-11 06:52:12 Post No.60331420 [Report]
>>60331333
nice script nsa
>>
Anonymous 2017-05-11 08:16:52 Post No.60332812
[Report]
Anonymous 2017-05-11 08:16:52 Post No.60332812 [Report]
>>60330671
Yes totally secure, mossad aproved
>>
Anonymous 2017-05-11 08:37:37 Post No.60333154
[Report]
Anonymous 2017-05-11 08:37:37 Post No.60333154 [Report]
>>60330671
Selinux was created by the NSA, so do the math.
>>
Anonymous 2017-05-11 10:06:43 Post No.60334290
[Report]
Anonymous 2017-05-11 10:06:43 Post No.60334290 [Report]
selinux stops retards doing retarded things. It literally protects the system from stupid users. It's great and should be default enforcing on every Linux distribution.
>>
Anonymous 2017-05-11 10:11:49 Post No.60334344
[Report]
Anonymous 2017-05-11 10:11:49 Post No.60334344 [Report]
>>60330671
Use Qubes instead.
>>
Anonymous 2017-05-11 10:13:21 Post No.60334368
[Report]
Anonymous 2017-05-11 10:13:21 Post No.60334368 [Report]
>>60330671
yes, it is the SECUREST

>>60330996
it's just an acl
>>
Anonymous 2017-05-11 10:40:29 Post No.60334727
[Report]
Anonymous 2017-05-11 10:40:29 Post No.60334727 [Report]
>>60330671
It's a defense-in-depth thing. By itself it won't save you from much. (and it WILL cause something or other to mysteriously fail until you think to check if its SELinux doing it...) Its value is in limiting the damage an attacker can do after they've made the initial break.
>>
Anonymous 2017-05-11 10:47:37 Post No.60334841
[Report]
Anonymous 2017-05-11 10:47:37 Post No.60334841 [Report]
>>60334727
so why are they satisfied with this?
why don't they do full kernel hardening like grsecurity does?
it'd be really nice seeing as how the latter is now only available for subscribers
>>
Anonymous 2017-05-11 10:49:08 Post No.60334860
[Report]
Anonymous 2017-05-11 10:49:08 Post No.60334860 [Report]
>>60330671
Use AppArmor instead.
>>
Anonymous 2017-05-11 11:04:29 Post No.60335046
[Report]
Anonymous 2017-05-11 11:04:29 Post No.60335046 [Report]
>>60334841
Some of the grsec stuff has gone upstream, and some more is in the pipeline (eg, more kernel mode ASLR) Some other stuff will never be upstream because its ugly, hackish, and difficult to maintain, and/or it violates Linus's rule of "never break userspace". (Linus said as much in a mailing-list post at some point, go look it up if you like)

Also note that SELinux and grsec are different beasts. SELinux is MAC. Essentially a turbocharged permissions and user/group system, the idea being that processes should have least-privilege way beyond what you can do with ordinary user permissions. (one example I ran into was that it won't let OpenVPN use certificates unless those certificates are where it expects them to be.) Grsec is all about making the exploit harder to attain in the first place by bolting things down in kernel code - like the aforementioned ASLR.
Thread posts: 14
Thread images: 1
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.