[Security_sig] 10/14 Conf. call minutes
Serge E. Hallyn
hallyn at CS.WM.EDU
Mon Oct 18 09:41:29 PDT 2004
> SELinux _can_ protect the audit infrastructure now, and can do so
> without necessarily applying fine-grained least privilege to the entire
Absolutely, and if SELinux is being used on the system at all, then it is
important to use SELinux for the audit data protections. To do otherwise
would be begging for odd interactions leading to data leakage.
Nevertheless, the existance of a small audit data protection LSM would be
useful for those who are unwilling or unable to use SELinux on their
systems. To do this wouldn't take anything away from SELinux itself, and
would (IMHO) be of tremendous use to quite a few people. Whether or not
SELinux is "too complicated" would then resolve itself over time. Personally,
I expect the answer to slowly converge toward "no" over time.
More information about the security_sig