Active Topics
-
Porting apps to Leste (32)
to Maemo 7 / Leste by Arno_11 - 1 day, 16 hrs ago -
[ANNOUNCE] CSSU-thumb thread - stable Thumb2 on N900 (2,264)
to Maemo 5 / Fremantle by panjgoori - 3 days, 11 hrs ago -
Full linux distros on Sailfish OS (254)
to SailfishOS by qoh - 4 days, 9 hrs ago - more...
 |
|
2010-03-30
, 18:31
|
|
Posts: 4,384 |
Thanked: 5,524 times |
Joined on Jul 2007
@ ˙ǝɹǝɥʍou
|
#2
|
I think SELinux is targeted more for multi-user servers.
What exactly from SE Linux that you need?
What exactly from SE Linux that you need?
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Follow the MeeGo Coding Competition!
|
|
2010-03-30
, 19:41
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#3
|
There is no specific part of SELinux that I need, but it seems overall to be a secure configuration... I'm not sure how practical it would be on the N900 though.
|
|
2010-03-30
, 19:46
|
|
Posts: 1,746 |
Thanked: 2,100 times |
Joined on Sep 2009
|
#4
|
Originally Posted by ysss
Motorola has used SELinux to great effect on some of their Linux-based phones, however it is almost always used against the owner of the device.
I think SELinux is targeted more for multi-user servers.
What exactly from SE Linux that you need?
|
|
2010-03-30
, 19:48
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#5
|
[QUOTE=wmarone;588794]Motorola has used SELinux to great effect on some of their Linux-based phones, however it is almost always used against the owner of the device.
Which Motorola phones was this?
Which Motorola phones was this?
|
|
2010-03-30
, 19:50
|
|
Posts: 4,384 |
Thanked: 5,524 times |
Joined on Jul 2007
@ ˙ǝɹǝɥʍou
|
#6
|
It's been awhile since I reviewed it (for use in a project, a lifetime ago)... from what I remember:
- The higher granularity of access control mechanisms provided by SE Linux would be moot on a single-user mobile device.
- The extraneous logging would tax the limited N900 resource for minimal benefit. (Perhaps for data forensic, if you can recover the device.)
- The higher granularity of access control mechanisms provided by SE Linux would be moot on a single-user mobile device.
- The extraneous logging would tax the limited N900 resource for minimal benefit. (Perhaps for data forensic, if you can recover the device.)
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Follow the MeeGo Coding Competition!
|
|
2010-03-30
, 20:11
|
|
Posts: 1,746 |
Thanked: 2,100 times |
Joined on Sep 2009
|
#7
|
Originally Posted by mail_e36
A number of the RAZR phones, notably any device loaded with MotoMAGX. If you look up the OpenEZX project you'll find out more.
Originally Posted by wmaroneWhich Motorola phones was this?Motorola has used SELinux to great effect on some of their Linux-based phones, however it is almost always used against the owner of the device.
|
|
2010-03-30
, 20:19
|
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#8
|
I wish SELinux will be in Meego.
Who knows how many Trojan horses we already have, because DEB-packages are not signed and people (also developers) install them just by wget'ing packages and then dpkg -i'ing them blindly.
Who knows how many Trojan horses we already have, because DEB-packages are not signed and people (also developers) install them just by wget'ing packages and then dpkg -i'ing them blindly.
|
|
2010-03-30
, 20:50
|
|
Posts: 540 |
Thanked: 288 times |
Joined on Sep 2009
|
#9
|
Originally Posted by zimon
You mean packages are not required to be signed, I sign my packages...
I wish SELinux will be in Meego.
Who knows how many Trojan horses we already have, because DEB-packages are not signed and people (also developers) install them just by wget'ing packages and then dpkg -i'ing them blindly.
Anyways if meego gets stuff from the "harmattan security framework" (there was a really good talk at the 2009 summit) then there are plenty of limits that can be placed on what specific applications (and/or classes of applications) can and cannot do.
Hey, found a wiki page: http://wiki.maemo.org/Maemo_security
| The Following User Says Thank You to rambo For This Useful Post: | ||
|
|
2010-03-30
, 20:55
|
|
Posts: 1,341 |
Thanked: 708 times |
Joined on Feb 2010
|
#10
|
Originally Posted by rambo
I haven't yet found any Maemo package, which would had embedded (GPG) signature, so maybe you could point me to one?
You mean packages are not required to be signed, I sign my packages...
"Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Security Modules (LSM)"
http://en.wikipedia.org/wiki/Security-Enhanced_Linux