In article <f49v43$goc$01$1@xxxxxxxxxxxxxxxxx>,
Peter Kohlmann <peter.koehlmann@xxxxxxxxxxx> wrote:
> Roy Schestowitz wrote:
> > I spotted that one paragraph a few months ago. Prior to that, people would
> > argue that NSA's involvement in SELinux imposes no dangers because the
> > code is out there to view and analyse. But assembly? I mean, come on...
> >
>
> Yes. Where is the problem?
> Assembly code is about as easy/difficult to read as C-code
> Granted, there are not as many people who /can/ read it, compared to C/C++
> But that does not mean that there are none
SELinux rules aren't written in assembly language. Some writers have
used a comparison to assembly language because SELinux rules operate at
a low level. It might take many rules to express a policy that you
could verbalize in a short sentence or two.
Perhaps a better comparison would be between SELinux rules and
Sendmail's configuration. I don't think anyone would say Sendmail is
configured in assembly language. That's the same situation with SELinux.
> > Who are they kidding? From the land where wiretapping is as acceptable as
> > opening one's private snail mail...
That's an amusing complaint coming from a Brit. At least over here we
don't have cameras all over the place watching our every move outside.
--
--Tim Smith
|
|
