Language Selection

English French German Italian Portuguese Spanish

Does the NSA's SE Linux code need a review?

Filed under
Linux
Software
Security

In the wake of the recent revelations that America's National Security Agency is spying on all and sundry, is it time for the Linux community to take another good, hard look at the NSA-developed Security Enhanced Linux?

The NSA's Security Enhanced Linux comprises a kernel patch to add security features, and patches to applications to allow them to determine the security domain in which to run processes.

The code was initially developed by the NSA and is under the GPLv2, the same licence as the kernel. Numerous individuals and companies have made contributions to the project.

Recently, Cyanogenmod, one of the more popular forks of the Android mobile operating systems, announced it would be incorporating SE Linux as part of its security features.

rest here




Also: NSA can spy on every American

More in Tux Machines

Leftovers: Gaming

Leftovers: Software

today's howtos

ACPI, kernels and contracts with firmware

This ends up being a pain in the neck in the x86 world, but it could be much worse. Way back in 2008 I wrote something about why the Linux kernel reports itself to firmware as "Windows" but refuses to identify itself as Linux. The short version is that "Linux" doesn't actually identify the behaviour of the kernel in a meaningful way. "Linux" doesn't tell you whether the kernel can deal with buffers being passed when the spec says it should be a package. "Linux" doesn't tell you whether the OS knows how to deal with an HPET. "Linux" doesn't tell you whether the OS can reinitialise graphics hardware. Read more