[SGVLUG] Reverse Engineering / Analyzing the SELinux Kernel Source Code?
Dustin Laurence
dustin at laurences.net
Tue May 23 23:36:55 PDT 2006
On Tue, May 23, 2006 at 10:43:48PM -0700, Sean O'Donnell wrote:

> After reading the (2.6.10 kernel) analysis which describes various flaws
> in the Linux random number generator, it made me wonder if an actual
> analysis had been performed on the SELinux kernel.
>
> http://www.pinkas.net/PAPERS/gpr06.pdf

Does SELinux replace the RNG? What kind of analysis? At what level of
detail? Perhaps I did not understand the question, but it doesn't take
very long before it gets just silly--you are more vulnerable to many
other things. It's like the French continually reinforcing the Maginot
line without considering the possibility of a flanking attack through
the Ardennes. No one link makes you more secure.

> The possibility of tainted binaries is one reason why I prefer
> compiling (most, especially tcp/udp/ip server applications) from source.

Fine, though I think that's paranoid (I trust a Debian or
Slackware-shipped binary more than I trust yours :-) ). And do you
understand the implications of the "trusting trust" paper? If you are
worried about

> ...*highly
> unlikely, but 100% possible*

attacks, then you need to be worried about verifying your compiler.
Building it from verified source does *not* verify the binary--that is,
in fact, the major point of Ken Thompson's paper.

Dustin