Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: In defense of Mandatory Access Control,

From: pageexec () freemail hu
Date: Wed, 08 Apr 2009 00:37:02 +0200
On 7 Apr 2009 at 12:47, yersinia wrote:


There is someone that have already done it, other that write about
this topic (
http://etbe.coker.com.au/2007/10/10/how-se-linux-prevents-local-root-exploits/
)


which part of

  (obviously not counting those that are not reachable due to kernel
  or policy configuration)."

did you not understand? or are you perhaps suggesting that those kernels
cannot be exploited because one can write a policy that maybe prevent two
bugs from being reachable and there are no other kernel bugs left in there?
will you please expose your own box to the net using this magic kernel? ;)


Try the selinux play machine - it's only access is root with uid 0.
http://www.coker.com.au/selinux/play.html


so what valuable data will one find on this machine? nothing? is that all that
SELinux is able to protect?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: