Home page logo
/

dailydave logo Dailydave mailing list archives

Re: In defense of Mandatory Access Control,
From: pageexec () freemail hu
Date: Wed, 08 Apr 2009 00:37:02 +0200

On 7 Apr 2009 at 12:47, yersinia wrote:

There is someone that have already done it, other that write about
this topic (
http://etbe.coker.com.au/2007/10/10/how-se-linux-prevents-local-root-exploits/
)

which part of

  (obviously not counting those that are not reachable due to kernel
  or policy configuration)."

did you not understand? or are you perhaps suggesting that those kernels
cannot be exploited because one can write a policy that maybe prevent two
bugs from being reachable and there are no other kernel bugs left in there?
will you please expose your own box to the net using this magic kernel? ;)

Try the selinux play machine - it's only access is root with uid 0.
http://www.coker.com.au/selinux/play.html

so what valuable data will one find on this machine? nothing? is that all that
SELinux is able to protect?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault