SE Linux and Decrypted Data
Source: etbe.coker - Posted by Bill Keys   
SELinux There is currently a discussion on the Debian-security mailing list about how to protect data which came from an encrypted file. I was going to skip that one until someone summoned me by mentioning SE Linux.

The issue which was raised is that data from an encrypted file can be read from /dev/mem (for all memory of the machine) or /proc//mem (for the memory of the process). It was suggested that SE Linux can prevent such attacks, however itís not that simple. How do you secure data that came from an encrypted file? This article takes the position that SELinux is the answer. Do you agree after reading it?

Read this full article at etbe.coker

LSA European ParliamentWritten by D. Schuerewegen on 2008-11-27 10:12:44
I agree with the author, it's feasible, but not straightforward.  
On the other hand, some kernel processes need access to /dev/mem (i.e. memory management), so how are you going to deny them access to decrypted data?

Only registered users can write comments.
Please login or register.

Powered by AkoComment!