[colug-432] SELinux == Sadness
Jeff Frontz
jeff.frontz at gmail.com
Sun Apr 25 13:08:00 EDT 2010
On Sun, Apr 25, 2010 at 12:45 PM, R P Herrold <herrold at owlriver.com> wrote:
> On Sun, 25 Apr 2010, Jeff Frontz wrote:
>> Having an arcane piece of software suddenly decide that it doesn't
>> really want that process to write to /tmp or consume a bit more memory
>> or use the CPU or have a PID-- right in the middle of that critical
>> movement of the robot arm or the database update for the quarterly
>> financial reports to the SEC-- call me crazy, but I don't really need
>> that help, thanks.
>
> What this says to me is that there is a defect in the test coverage, and
> root cause fault analysis, or at your pre-deployment staging bench in not
> spotting and solving these issues before deployment.

If only it were possible to test everything under all conditions (if
only P did equal NP). Really, though, it's actually more indicative
of the results of a back-of-the-envelope risk-benefit analysis-- I'm
not designing a general-purpose system that is accessible to the
outside world; I'm designing an embedded product. If I can mitigate
the risk of external manipulation using other tools/mechanisms (e.g.,
no more login/getty), then that's a way simpler path than trying to
come up-to-speed by reading a bunch of web sites and mailing lists.

Don't get me wrong--I'm not trying to stand in the path of progress; I
just have only so much time in the day to learn the latest Best Thing
Ever.

And again, I'll profess ignorance and throw myself at your mercy-- how
about giving a preso about this topic in the next few weeks? I'll
even help secure a spot: on Monday, I'll walk over to the person who
schedules meeting space at TechColumbus and ask her what's available.

Deal?

Jeff