On Tue, Jan 07, 2014 at 11:04:33 -0500,
m.roth(a)5-cent.us wrote:
Here's one for the selinux list: a thread just started on the
CentOS list,
about whether the encryption tools from upstream were trustworthy, given
the revelations from Snowdon in the last six months. That, of course,
leads to the question as to whether selinux, and its base policies, are
trustworthy, given they were written by the NSA....
So, why *should* we trust it?
The code was looked at by other kernel developers. There are already plenty
of kernel bugs being found, I don't think the risk of using the selinux code
is significantly higher than using the rest of the kernel.
Selinux itself, isn't doing anything secret. At its heart it's a pretty
simple system.