NSA Releases Updated SELinux 319
darthcamaro writes "Looks like our federal tax dollars are hard at work - improving security on Linux! The NSA - you know the folks that are shadowy figures on X-files - have released the latest updates to SELinux (security enhanced). Internetnews.com has got a piece on it
where they talk to Gentoo and Red Hat about the release's significance."
eeeeenteresting.... (Score:5, Funny)
Anyone can provide contrast/comparisons?
Re:eeeeenteresting.... (Score:5, Funny)
Tin Foil Hat Linux [shmoo.com]
Re:eeeeenteresting.... (Score:5, Funny)
The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.
KFG
Re:eeeeenteresting.... (Score:5, Funny)
I don't get it. What's so funny?
Re:eeeeenteresting.... (Score:3, Insightful)
Chris
Re:eeeeenteresting.... (Score:5, Insightful)
No, but if someone made changes and enhancements to my code or related to my code, I would most definitely like to see the changes.
Especially if its an agency like the NSA.
And am sure, so would the contributors to the various kernel and networking parts of Linux (or for that matter other Open Source works).
Besides, ever seen your average mail (and the number of mails) on Bugtraq or Security Focus mailing lists? There are quite a few people out there who would be quite interested.
Also, remember that even if NSA wanted to introduce backdoors, this would be too early - they would need to build up the trust to a level when people will get a little careless and then take advantage
Oops! Here's the correctly formated link (Score:2, Informative)
KFG
Re:eeeeenteresting.... (Score:5, Informative)
Shouldn't this be our default system? (Score:4, Interesting)
Re:Shouldn't this be our default system? (Score:5, Insightful)
Re:Shouldn't this be our default system? (Score:3, Funny)
Re:Shouldn't this be our default system? (Score:4, Interesting)
It would be the variable set for "machine is off."
Think about it.
Not only off (Score:4, Funny)
Re:Shouldn't this be our default system? (Score:5, Funny)
That can't be true, because it would mean that Windows has infinite convenience!
Re:Shouldn't this be our default system? (Score:3, Funny)
Re:Shouldn't this be our default system? (Score:5, Informative)
Except that this isn't necessarily true. It's probably true that there's an inverse relationship between convenience and security within a given security architecture, but the whole point of SELinux is that it changes the architecture. There's no loss of convenience to a user when suid programs are replaced by ones that have specific limited privileges, but there is a big gain in security. An average user probably won't even notice that they're using a SELinux system instead of an older system. It may be more of a pain for administrators, and certainly will be more of a pain for distribution writers, but they're professionals who should be able to deal with it.
Re:Shouldn't this be our default system? (Score:5, Informative)
Re:Shouldn't this be our default system? (Score:4, Informative)
Re:Shouldn't this be our default system? (Score:3, Informative)
1.) anything that breaks compatibility will be rejected
2.) anything that slows the kernel down will be rejected.
Security isn't linus's highest priority unless it can be achieved seamlessly, And nobody wants to break away from mainline kernel compatibility. Except the nitch people Adamantix, SElinux itself and a couple others. That's why Red Hat pushed for SElinux in 2.6 so hard and has employees who package SElinux a
Re:Shouldn't this be our default system? (Score:4, Funny)
Well, I just downloaded and installed it.
One thing I don't like is all these damn -- ouch! the keyboard just shocked me! -- darn pop-ups.
Like every 10 minutes up pops a window, and there's John Ashcroft staring back at me, and he keeps calling me "Winston Smith" whoever the hell -- ouch!, ok, ok -- that is, and he's keeps telling me I'm broadcasting an IP address and a retinal pattern, or that I'll have to upgrade to the "Corporate Professional" version if I want add-ons like my 4th Amendment rights, or asking whether I'm an "outlawed homo-pervert" or do I qualify for the "fellow Christian Faith-Based Set-Asides" discount.
I dunno, are you sure this SELinux was built with the end-user in mind?
Re:Shouldn't this be our default system? (Score:5, Insightful)
Anyone that can read and understand C. Thank God for OSS.
A better question would be, who would trust Microsoft?
X-Files Eh? (Score:5, Funny)
I'm in. Where do i get it?
Now with 200% more... (Score:3, Funny)
Context (Score:5, Interesting)
On the other hand, I think this is a great example of why open source software is a good thing - anyone, the government included, can improve the software. I'm sure they feel much better about using an OS that they've personally inspected and tested than something else [microsoft.com].
Agree Strongly. (Score:5, Insightful)
Better go over the source... twice (Score:2, Insightful)
I am guessing it will either somehow steal every bit of information, including your fingerprints
or be totally sweet
Re:Better go over the source... twice (Score:5, Insightful)
Well, those who are able should be going over the source closely anyways. The adversaries are!
Remember, NSA has two mandates:
1) Help Americans secure their boxen, and
2) Be able to 0wnz0r any non-American's boxen.
Just because #2 gets all the press on Slashdot doesn't invalidate #1. The net effect of "more machines on the network are secure, even though some of those machines are used by non-Americans, and even if that fact makes some things a little more difficult for the other half of NSA" is still an increase in security for Americans.
SELinux is consistent with NSA's goals in providing a secure information infrastructure for US Citizens. Given that NSA knows that the code will be closely examined by both NSA-friendly and NSA-hostile folk alike, I'd expect SELinux code to be safe, and would treat such code with a policy of "trust, but verify." (More precisely: "Verify, but trust.")
Re:Better go over the source... twice (Score:3, Insightful)
Re:Better go over the source... twice (Score:3, Interesting)
Re:Better go over the source... twice (Score:2)
I think that needs to be changed to 2) Be able to 0wnz0r any terrorist boxen. This group includes everyone who is not a citizen of USA and many who are, including, according to our secretary of education, all teachers.
Rather generous of the NSA (Score:5, Insightful)
Unless of course they are trying to sneak some NSA backdoors into Linux kernels
Re:Rather generous of the NSA (Score:5, Insightful)
All in all, this is a very good thing. If nothing else, its kind of hard for other OS's to compete with "The NSA's OS" on security concerns.
Re:Rather generous of the NSA (Score:5, Insightful)
However, that doesn't mean that taking a long and critical look at the modifications isn't worthwhile...
Re:Rather generous of the NSA (Score:5, Insightful)
Like the average slashdotter trusted them now.
Why should it surprise people if this code is clean. The NSA wanted an OS that they could examine, for their own security. They got one, and made sure it was as safe as possible so they could run it internally. Then they did what a government agency is supposed to do, that is, act like the law applied to them as well and respect the GPL. Like it would be smart to bite the hand that feeds them, and have to go back to using an OS they would have a harder time verifying.
Re:Rather generous of the NSA (Score:2, Insightful)
Re:Rather generous of the NSA (Score:3, Insightful)
Although there has been at least one known attempt to deliberately insert a security hole into the Linux kernel before, it would be a pretty outrageous thing for a government to attempt. It would almost certainly be spotted.
If the NSA are into that sort of thing, they are more likely to sneak/coerce their backdoor into closed source software where it is more likely to go unnoticed and perhaps be harder to trace back to it's authors.
what would darl say, (Score:3, Funny)
Re:Rather generous of the NSA (Score:5, Funny)
Re:Rather generous of the NSA (Score:5, Funny)
we'd like to show you a few things. Exhibit one. A picture of you entering a hotel room in Orem with two live nanny goats, a
rubber raft, a pair of chaps and a can of Frymax fryer grease. Exhibit 2. Pictures from within the room of activities which violate the laws of God and Man, if not those of the State of Utah. Exhibit 3, credit card receipts for animal tranquilizers and male goat hormones. Shall we continue?"
Re:Rather generous of the NSA (Score:2)
Re:Rather generous of the NSA (Score:3, Insightful)
Anyway, the NSA has two tasks SIGINT (signal intelligence) or code breaking, and the other is Information Assurance as it relates to US National Security interests.
Both are broad tasks, the most exciting and romantic is ofcourse is the SIGINT code breaking, spying, espionage, being clever, etc.
The janitorial work is the Information Assurance, and that is the prot
Re:Rather generous of the NSA (Score:2, Interesting)
click
"Ooh, sweet Flash intro..."
Something isn't right about that...
Come on (Score:2, Insightful)
Although, that may describe why he always has those blind marks across his face.
Re:Come on (Score:3, Funny)
Then again, I'm pretty sure my mailman opens my birthday cards.
Re:Come on (Score:4, Funny)
So does the NSA :)
Re:Come on (Score:2)
Is it just another case of life imitating art [upn.com]?
Using the term "art" extremely loosely, of course.
Spotting NSA agents should be pretty darn easy according to Jake 2.0,
just look for the pretty boy or the hot chick.
Re:Come on (Score:3, Interesting)
The vast majority of their work is maintaining secure communications for the military and other intelligence agencies plus analizing (code breaking) intercepted secure transmissions. The movie "the Falcon and the Snowman" depicted their work fairly accurately, compiling lists and transcripts of monitored communications and forwarding them to the apropriate parties.
These are not the guys who start wars and disappear people (that would be the CIA). That's not to say they
I am curious (Score:5, Interesting)
I have not had the opportunity to play with SELinux but am interested in how it works, how difficult it is to set up properly and all that fun stuff
Re:I am curious (Score:5, Informative)
How its predecessor worked (Score:5, Informative)
Some services are harder to set up, because the permission issues get in the way, especially if they expect to have an all-powerful root doing the work for them, or if the application does lots of work to secure themselves (chroot jails, etc.), but most applications aren't affected much. Anything that does much with Setuid() can expect a radically different environment underneath.
The big security win is that you can define different security compartments, including one or more for the operating system itself, and applications can only read from lower-security-level compartments, not write to them. This means that even if somebody finds an egregious buffer overflow bug in your email client, and uses it to mail your precious files to kgbvax.dhs.gov, they still can't use that to r00t your machine, and it's very hard for them to accomplish much by leaving Trojan Horse files around in your home directory because root usually isn't allowed to read them without you explicitly authorizing them.
NSA and Common Criteria Evaluation (Score:2, Insightful)
Re:NSA and Common Criteria Evaluation (Score:2)
No [nsa.gov], because that is not a project goal. It (Security Enhanced Linux) is not designed with the goal of getting Common Criteria approval [nsa.gov] (by an independant government-approved lab).
SELinux's beginning have more to do with extending an experimental [nsa.gov] Role Based Access Control (RBAC) than trying to deliver a production quality "secure OS".
About time (Score:5, Insightful)
Sadly Microsoft is lobbying to shut down the NSA's involvement in free software, claiming that the government is essentially "competing" with them. Somehow our tax dollar going to work securing windows isn't communist according to MS. Just if it also helps someone that ISN'T MS. Lets hope they fail.
In the end, this can only be a good thing for ALL OS designers. It helps them look at how the people that stay awake at night worrying a lot think about security in an operating system.
AngryPeopleRule [angrypeoplerule.com]
Re:About time (Score:5, Funny)
Imagine grandpa sitting down to breakfast, reading the paper, and seeing this article (if it's published in his paper). Maybe - just maybe, he'll think *is my computer secure?* And he'll realize it is.
Knowing my fiancee's grandfather though, he'll think *those spooks are using my social security money on computer games?!*
Lobbying for Small Government? (Score:2, Funny)
If the NSA pored over the Windows code and made it secure, well, then you would have big government.
"It required a work force of 384 slaves, 34 slave drivers, 12 engineers, 2 turtle doves, and a partridge in a
Re:About time (Score:2)
On another note, not to troll, but I was wondering if you had any references to substantiate your argument on Microsoft lobbying against NSA Linux (just out of curiosity!).
Thanks.
Microsoft vs. NSA (Score:5, Interesting)
For about a year, NSA stopped talking about SELinux. Then one day there was an announcement in the Linux kernel mailing list that SELinux had been updated to the current kernel version and was becoming part of the mainstream kernel.
Now it's mainstream.
They didn't get the memo (Score:3, Funny)
hmm... (Score:3)
But then again I read that on
Re:hmm... (Score:2)
They seem to be doing an update every couple of months.
Re:hmm... (Score:3, Informative)
A few quick comments (Score:5, Interesting)
My second comment is really a question: How do we weigh this up against Mr. McBride's letters to congressmen? It seems like they would probably lean on the NSA for advice on what's secure and what's not, rather than the seemed ravings of a madman.
I would also throw out a little pointer that probably one of the major reasons that the NSA is working on the Linux Kernel is simply because they can. I'm almost certain that if they had the ability to tweak security in MS, they would do so.
Kutos to the NSA for sharing it all with us.
Not at all mutually exclusive! (Score:5, Informative)
1)clicks on link
2)looks for colorful photos
3)Presses Ctrl-F, then types "screeshots", then Enter
4)Clicks on any links he finds in that context.
5)If he finds nothing, clicks "Back", clicks "Reply", and makes an uninformed comment
Very little reading usually goes on; just viewage of pretty pictures. And, of course, this just makes the slashdot effect worse; text doesn't really hurt webservers as bad as big JPGs. That's why two hours after the posting on slashdot, the site admins are always back online with a text-only version of their site saying something like "I've never seen so much web activity in my life".
Re:A few quick comments (Score:4, Funny)
Re:A few quick comments (Score:3, Interesting)
The NSA can do whatever the hell they want with Microsoft's products, and they do. This might be because MS lets them, but Iduno. Remember the NSAKey boondoggle?
There are many reasons that they must deploy Windows in government. They spend quite a bit of money doing p
Re:A few quick comments (Score:3, Informative)
They did, sort of, with the security guides [conxion.com], which are well-documented (if rather dry) explanations of how to use existing Windows functionality to improve security on the systems. Some of them are pretty clearly overkill for most people (minimum 12-character passwords and 4GB max size for each log file, for example), but they're generally pretty good use. Apparently, they had such an effect on Microsoft that MS wr
Pure gold? (Score:5, Interesting)
Where were you last year? (Score:3, Funny)
Re:Pure gold? (Score:3, Informative)
Seeing as how NSA publishes security guides [nsa.gov] for NT, 2000, XP, 2003Server and Solaris 8, I'd say it is more than just Linux.
Article Text (seems sluggish) (Score:4, Informative)
Linux Gets Security Boost from NSA
By Sean Michael Kerner
Most stories about government deployments of Linux involve a distributor helping various federal and municipal agencies install the open source operating system. But in this case, a federal agency is helping Linux.
The U.S. National Security Agency (NSA), also known as the codemakers and codebreakers cryptologic division within the Department of Defense, has helped to harden Linux with newly-released Security Enhanced Linux (SELinux) kernel modifications.
The latest release, which updates the base kernel to 2.6.3 and 2.4.24, contains numerous significant improvements to security in the open source operating system. The SELinux improvements mark a major breakthrough for Linux. Because of the NSA's contributions to the kernel, the new security features will now show up in mainstream distributions of Linux.
"Conditional policies are significant and also networking hooks were added, which makes SElinux all that much more powerful," Joshua Brindle, hardened Gentoo Linux Project Leader and the NSA's SELinux contributor, told internetnews.com.
"They also exported AVC (define) controls to userland to facilitate strong X-based access control and privilege separation," he added.
SELinux was released by the NSA under the GNU GPL open source license. SELinux is essentially a Linux Kernel with a number of utilities that provide enhanced security functionality. But the critical component of SELinux is how it implements and handles mandatory access controls.
"SELinux is important because mandatory access controls are essential to limiting access to daemons and users to only what they need. It also solves the age-old almighty powerful superuser problem in Linux," Gentoo's Brindle told internetnews.com.
"We stress however that it isn't an end-all solution, that it must be combined with additional layers of protection."
Debian, Gentoo and Red Hat Fedora's latest test release of Fedora Core 2 all currently make some use of SELinux. Red Hat also plans to incorporate SELinux into its next Red Hat Enterprise Linux release
This "marks an important milestone in what enterprises globally feel is an important issue," Red Hat spokesperson Leigh Day said of the SELinux update. "One of the first issues we hear from our customers when talking with them about solution requirements is security," she told internetnews.com. "Were pleased to be working with the NSA to bring SELinux to our distribution. We will incorporate SELinux fully in our next release of RHEL 4."
The Security-enhanced Linux kernel enforces mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs.
Dunno why the link wasn't in the article. HERE: (Score:5, Informative)
Are NSA improvements public domain? (Score:3, Interesting)
Re:Are NSA improvements public domain? (Score:3, Informative)
That's nice but... (Score:4, Funny)
post rsbac news, too! (Score:3, Informative)
RBAC, MAC, ACL, extensible, malware-scan (virus protection on kernel ('access') level), network protection, other methods (FF,...) and whatever you wish
It's not financed by NSA, and not programmed in the US., can you be happier?
Anyhow, don't tell me SeLinux is better because.. it would cause a flame-thread only...
Re:post rsbac news, too! (Score:2)
This breaks the Linus rule or we'd probably be using RSBAC. If it slows us down or breaks compatibility he conciders this broken code and sends it back to you.
Anyhow, don't tell me SeLinux is better because.. it would cause a flame-thread only...
So why tell us RSBAC is better?
Re:post rsbac news, too! (Score:4, Insightful)
So are you trying to claim Rule-set Based Access Control (RSBAC) is better? Have anything to back up that assertion?
Considering there are still too many junior and not so junior system administrations that fail to use standard Unix access controls correctly or to their full potential, I do not expect to see advanced fine-grain access controls like RSBAC, MAC, etc. to gain mainstream usage any time soon. The issue is that find-grain access control does not tend to scale well in complex and dynamic environments like found in the typical IT department of a commercial enterprise, or an academic computer centre, or the typical under (IQ) staffed government IT/IS department.
So why... (Score:3, Interesting)
(Yes, yes, I know that the web site will be totally physically separated from the spooks' computers...)
security vs stupidity (Score:2, Insightful)
US Government employees MUST relinquish copyright (Score:4, Insightful)
in other cases it results in a very good statistical test suite being dumped into the public domain.
http://csrc.nist.gov/rng/
Don't no one tell.... (Score:2)
Let them continue to believe they can defeat FOSS
Hardened Gentoo (Score:5, Informative)
MAC's are only the enforcement part, auditing is also very important and sadly something lacking in LSM. We are looking into different auditing schemes to compliment SELinux.
Recently we have completely integrated PaX memory protections into the SELinux policy. Unfortunatly Redhat's Ingo wrote execsheild, which he admits provides less protection so most of the SELinux camp is not interested in the work we are doing in this area.
We also provide much tighter policies by default whereas Redhat/Fedora has chosen to make the user domains much less restrictive and 'user-friendly'. This isn't in line with the goals we've cited on out page http://hardened.gentoo.org . While user friendliness is important taking restrictions away from domains inevitably loosens security.
nsa is by far (Score:3, Funny)
mitre (Score:2)
Go Linux (Score:4, Insightful)
changelog (Score:5, Funny)
[classified@classified]
[classified@classified] fix broken (classified) in (classified).c
[classified@classified] changed (classified), added (classified)'s patch to (classified)
[classified@classified] (classified) (classified) with (classified)
Re:changelog (Score:4, Informative)
SELinux Demo Machine (Score:5, Informative)
Re:SELinux Demo Machine (Score:4, Informative)
Please clariify (Score:5, Funny)
Yeeow! Nothing like a paradigm shift without using the clutch!
Why not talk to the developers? (Score:3, Informative)
Also see #selinux on irc.freenode.net.
Then you can discuss it with the people who are involved in SE Linux development.
SE Linux has been going for a long time, I've been working on it for almost three years, and I wasn't involved at the start.
The NSA gets some significant benefits from releasing the code under the GPL. See the list of non-NSA contributors for a list of the work that was done for free by the community instead of having to be paid for by the NSA.
Russell Coker
SCO? (Score:4, Funny)
Re:Antitrust (Score:4, Insightful)
The govt. can spend money on product development if it is necessary for govt. functions. In this case, the NSA is extremely motivated to have a secure OS to store their secrets. Rereleasing their mods to the public seems like a way to get more bang out of your tax dollar by letting you use their improvements.
Re:Antitrust (Score:2, Insightful)
KFG
Re:Antitrust (Score:5, Interesting)
Re:Antitrust (Score:5, Insightful)
Almost all railways are national interests, including passenger service in the United States. Only _very_ recently has privatization become fashionable for railservice and it is usually marked by miserable failure. Take Britain where it was suggested that they basically dump British rail north of Manchester because there's no profit in servicing BFE. That's the point of state-owned services. The state will not dump a region simply because it isn't making a buck and the service is more important than profit.
The vast majority of airlines are state-sponsored (outside the U.S., that is) and vary from states as majority stakeholders to 100% state-ownership. American carriers being privately held is more the exception to the rule.
If not for massive government investment, international travel would still resemble an Indiana Jones plot line.
Re:Antitrust (Score:5, Insightful)
The government had always spent money in infrastructure, either directly or indirectly. The examples you choose illustrate this point.
Cars-building would not be so lucrative if there were not good roads. The government pays for these. In addition, most factories are now subsidized by tax incentives. We would probably have almost no cars built in this country if local and federal authorities did not pay the manufacturers to locate here.
In the early days airlines made their profits delivering mail. It was a while before they were independent. Also, airports are generally built and heavily subsidized by local and federal money.
It is my understanding that the railroads were given land. They wanted to own the rails so they built them, with immigrant labor, externalizing a number of costs related to said labor. Lately the rail lines have been complaining that they have to pay for maintain of the rails with the government pays for the airports. The difference is that the rail didn't want to share. Of course, the government spend huge amounts of money subsidizing the rail lines. Which is good because for many thing rail is more efficient than road or air. The rail people later used their exclusive use of the right-of-way to develop long distance telephone service, another thing that would not exist with heavy government support.
Operating systems are infrastructure. It is proper that the government helps to make sure that this important business tool is suitable. The government has always subsidized the development of these technologies through research grants, not to mention the computer time that gates and co original took from university computers. On a higher level, some analysts think much of the profit MS generates is due to specific tax breaks they have been given.
Re:Don't forget... (Score:2, Interesting)
Re:Motives other than kindness (Score:3, Interesting)
Re:Interesting Reading (Score:4, Informative)
Amigori