Possible security hole for Dialers/troyan horses
kkr
kkr22.mpt56 at bluewin.ch
Thu Mar 1 20:10:04 CET 2007
Le jeudi 01 mars 2007 à 09:48 -0600, Jonathon Suggs a écrit :
<snip>
> Isn't this something along the lines of SELinux? If that is the case,
> is that something we should look at implementing?
<snip>
As I understood SELinux, it would be a good tool for security.
Many (or most) other (close) Linux phone use SELinux to (successfully)
block hacker who want to free their phone. But if we use it for our
interest, I feel, it would be fine.
But if a user doesn't want to think about the problem of security, as
he will download anything from everywhere (binary from untrusted
source), he will simply switch off SELinux in a way of making working
his new (downloaded) application...
As I remember, with Fedora Core 6 (which use SELinux), when I've
installed some application from official repository, some application
doesn't work because the policy of SELinux is not, or badly implemented
for them. So, I did have the chose to:
- write by myself a new SELinux policy (but I do not have enough skill
to do that)
- disable SELinux to use it
- not use it
So, if I've chose to wait an update of the SELinux policy, I guess, some
users would simply chose to disable SELinux...
We can do nothing for users which doesn't care about security concern,
except trying to educated them... Or simply don't care about their
problem.
Regards,
More information about the community
mailing list
