|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: SE Linux vs SE NetBSD !!
From: Steven M. Bellovin (smb
cs.columbia.edu)
Date: Fri Aug 25 2006 - 15:30:10 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 25 Aug 2006 23:13:40 +0200, Elad Efrat <eladNetBSD.org> wrote:
> MLS (Multi-Level Security) is a rather vague (and big!) term. :)
>
Big, yes; vague, no. (Btw, Biba uses the same sort of primitives to
address integrity rather than confidentiality. I could explain, but it
would be a vast digression for this list.)
I do think, though, that MLS solves a problem that no one has anymore.
That is, it's a security mechanism designed (a) for mainframes, (b) with
timesharing terminals if necessary, (c) mostly without networks, and (d)
useful at most for the Defense Department, and generally not even for
them. It's quite useless for almost any other security situation, and
doesn't even work for DoD in a world of PCs, all-seeing/all-dancing word
processors (be they Microsoft Word or Emacs), and Web browsers..
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]