Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 Jul 2017 13:07:57 +0200
From: Nicolas RUFF <>
Subject: Re: CoreOS membership to linux-distros (updated)

> A more recent, Android-centered presentation ( cites Wikipedia, stating that "[...] the security of an SELinux system depends primarily on the correctness of the kernel and its security-policy configuration", further highlighting the lack of in-depth research.

Not sure if we should derail this thread into a SELinux discussion,
but a friend of mine had a look lately and found dozens of
implementation issues (none of which got CVE assigned AFAIK):

Let's consider this one, it makes you wonder if this code has ever been run:
- for (i = 0; i < j; j++)
+ for (i = 0; i < j; i++)
  semanage_module_info_destroy(sh, &(*modinfo)[i]);

- Nicolas RUFF

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ