Subject: Re: SE Linux vs SE NetBSD !!
To: Andrew Reilly <andrew-netbsd@areilly.bpc-users.org>
From: Robert Watson <rwatson@FreeBSD.org>
List: tech-security
Date: 08/31/2006 06:36:30

On Tue, 29 Aug 2006, Andrew Reilly wrote:
> On Fri, Aug 25, 2006 at 03:56:00PM -0500, Travis H. wrote:
>> That's okay, if there's a sufficient number of people to write those
>> policies. Similarly, 99% of the Unix user population can't write solid
>> kernel code, for example a device driver. That's okay because we can copy
>> bits for zero marginal cost from the people who can for the people who
>> can't.
>
> This is getting to the heart of the bit that I don't understand about this
> whole area (SE-Foo, etc). Please pardon the intrusion of a know-nothing...
>
> How can someone else write my security policy for me? How can there be just
> one such, and application-based? Isn't the point of policy that it's up to
> me? If it's just a documentation of the capabilities of the application,
> then what does it offer over and above the application itself?
>
> What sort of applications are we talking about? Presumably not /bin/sh or
> /usr/pkg/bin/perl: those have rather a lot of potential behaviours.

Most of the shipped policies in recent Red Hat releases are what they call
"targeted" policies. They narrowly constrain specific applications with
well-defined functionality and behavior. For example, they constrain BIND,
Sendmail, etc.

Robert N M Watson
Computer Laboratory
University of Cambridge