Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Linus Torvalds on SELinux Print E-mail
User Rating:      How can I rate this item?
Source: Kernel Trap - Posted by Ryan Berens   
SELinux Continuing his outspoken nature, Torvalds reigns in on the issues between LSM and SELinux. The argument as to which method should be the foundation, is being hotly debated. "You security guys are insane..." Torvalds states. What's he judging? the value of SELinux as the framework (maybe it's good, maybe it's not) or something else?

Why are security experts the focus? It seems here, that Torvalds is focusing on the source, not the content or issue itself.

Aren't we past that?

Read this full article at Kernel Trap

Maybe it's obvious, but...Written by Michael L on 2007-10-03 12:50:09
Linus was not defending SELinux at all, nor was he calling out security folks in general. He was reacting (in his usual subtle manner) to the implied suggestion that something other than the Linux Security Modules framework should be added to the kernel. He felt that SELinux's association with LSM was what inspired this idea and that the security-focused kernel devs tend to fall prey to the "Not Invented Here" syndrome. I think that it's a huge stretch to equate his comments with an aspersion against all security professionals, particularly given the context. Speaking of context, this post seems to be completely bereft of it, which is not very useful for forstering understanding but is quite beneficial when one attempts to frame an issue in a very narrow manner. 
I'm sure that we've all read Linus' comments regarding resiserfs4, gnome, etc. As far as I know, no one took those to mean that Linus hates all filesystem or desktop developers and industry insiders.
Interesting but I'm not sure I agreeWritten by Ryan b. on 2007-10-03 14:37:04
"(in his usual subtle manner)" 
This is problematic. By nature, you are viewing his comments with this context - the assumption of disposition - determining his position based on your view of all his previous statements.  
This context is not always given.  
My point is that I would have liked to see his comments devoid of this completely. In reality, Linus is a spokesman as much as he is a developer. His words (and opinions, views) carry weight most of ours do not have. This puts him in a position where he can drive an issue without always having to cover every aspect (even if it has/has not been beaten dead). In other words, he took the lazy way out.  
Do I think he was disrespecting the security field? No.  
Do I think he used a percieved disposition (insane security) to help market his point? Absolutely. The main issue, is I would have liked to see him do it without resorting to this.  
That's the point. Whether I can assume the context you already "know" is irrelevant. I'm taking him at face value based on what results from what he said.
Linus, role-models and geek cannabilismWritten by Michael L. on 2007-10-03 21:29:28
Without a doubt, Linus is a spokesman for Linux. However, expecting him to censor himself in a venue such as the LKML (where he truly is the BDFL) elevates him to the position of a role-model. a burden that he did not seek and that he definitely does not deserve. Unlike many FLOSS advocates, Linus is not looking to conquer the world. He is continuing his development of Linux for the same reason that he started it: to create something technically great and to share it with others. St. Ignatius (Stallman) he ain't, but he never claimed to be a holy man. 
Let's be clear here....I'm not a Linus fanboy. I frequently cringe at his harsh responses on mailing lists (most often on the LKML) and I wouldn't handle things in the same way. However, my sensibilities are not his concern when he is posting to a list dedicated to the software that is the center of his efforts (for another example, see Theo De Raadt's posts to OpenBSD lists). Is this the right way to handle things? I would say no, but my opinions are particularly irrelevant when applied to a specialized, somewhat cloistered and closed venue that exists for a single purpose....further the technical growth of Linux as determined by the core developers. My own wishes for a more charismatic spokesman are simply beside the point. My friends who use Gnome for their desktop environment (a target of Linus' vitriole) understand that the man does not exist to further our own ideas about what he should be. Rather, he is most important playing the role that we know him for: making Linux the best OS that it can be. Is he an a**hole at times? Yes, but I am more concerned about the technical merit of what he produces. Those looking for nuance and balance should look elsewhere than the Linux Kernel Mailing List. Kernel security may have been the topic du jour, but "marketing" is not a subject that Linus has to concern himself with on that mailing list. Others must market their ideas to him, but the reverse is simply not true. 
Had he not used the word "security" in an overly general way I doubt that any mention of this episode would have made it to this (excellent) site. By your own admission, you accept that he was not attempting to smear security professionals in general. So where's the crime? At the least, when addressing such issues please provide some context to and try not to isolate the most inflammatory elements, potentially furthering misunderstanding in your readers. In my quite humble opinion, one should not decry unfairness and simultaneously show only a miniscule snippet of the truth. 
Written by Lee on 2007-10-04 04:01:38
Everyone has to censor themselves. It's called being an adult.
speaking of nuance...Written by Michael L. on 2007-10-04 12:33:13
>Everyone has to censor themselves. It's called being an adult. 
So your patterns of communication don't change based on the recipients of said communiction? Interesting. I think I'll remain "childlike," though, as I have no desire to speak to my wife in the same pain-staking manner as I do the top executive at my place of employment.
lost in transationWritten by fak3r on 2007-10-08 12:02:30
Linus is giving his opinion again, and in the long run that's a good thing. What I think is lost here is the varying success of projects like LSM, SELinux and grsecurity. From a user's standpoint I hardly think they'll be able to tell the difference, but as a sysadmin, which way should they look to secure t heir system? Use one of the above examples, or just install a minimal Debian box with sane/defaults for security, while keeping things up to date? Really, how much should we worry about kernelland security, instead of focusing on the gateways of the trouble, and armor the apps/services instead?

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.