[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-list
Subject:    Re: CIA Outlaw Country attack against CentOS / Rhel  (and Fedora?) Is this credible?
From:       stan <stanl-fedorauser () vfemail ! net>
Date:       2017-06-29 23:33:01
Message-ID: 20170629163301.71253a5b () vfemail ! net
[Download RAW message or body]

On Thu, 29 Jun 2017 19:05:00 -0400
Tom Horsley <horsley1953@gmail.com> wrote:

> On Thu, 29 Jun 2017 15:51:43 -0700
> stan wrote:
> 
> > My first take is that this doesn't represent a very serious
> > threat.  Do you disagree?  
> 
> It depends. Is the CIA module part of the NSA authored selinux
> source code, so it is already in every system? :-).

Yes, that would certainly make a material difference!  I suspect not,
the conspiracy would have to be too widespread to keep that concealed.

But it might be possible that there is something in that code that
facilitates the installation of the module, by creating a
non-obvious security hole for it to pass through.  I say this is more
likely, but still unlikely, less than a 1% chance.
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-leave@lists.fedoraproject.org

[prev in list] [next in list] [prev in thread] [next in thread]