[Freedombox-discuss] PHP is not the problem, security is!

simo idra at samba.org
Tue Jul 17 18:45:40 UTC 2012


On Mon, 2012-07-16 at 15:35 -0400, Boruch Baum wrote: 
> > From: Rick <graham.rick at gmail.com> robvanderhoeven at ziggo.nl> 
> > wrote:
> > 
> >> Yesterday Nick Daly started a discussion about PHP alternatives. 
> >> PHP is crap, and has a very bad security reputation. Should we 
> >> use programs that are written in PHP for the FreedomBox?
> >> 
> > Sounds like a job for selinux.
> Rob is spot on regarding TOMOYO. I've easily deployed version 2.3 of
> TOMOYO on a Linux box and was (figuratively speaking) ecstatic over
> its ease of use compared to SElinux. TOMOYO also doesn't mess with
> with your filesystem (as SElinux does). Two caveats: 1] AKARI
> --should-- be similar; 2] I understand that the tomoyo developers were
> considering some major structural feature and syntax changes since
> version 2.3, and they're currently at version 2.5.
> 
> In my particular usage case, Tomoyo revealed alot of nonsense that
> some Firefox add-ons were doing, and allowed me to easily restrict the
> wayward activities. And the add-ons continued to function fine anyway.
> 
> Even though tomoyo is ridiculously simpler to use than SElinux, Should
> Freedombox decide to integrate TOMOYO or AKARI into the build, I would
> still strongly (very very) suggest FreedomBox prepare default profiles
> for the default FreedomBox apps. (SUSE and Canonical did so for
> Apparmor, but when I evaluated Apparmor a few years ago, their
> defaults were uselessly liberal - no offense intended to you liberals
> on the list). I had suggested this a few years ago on the tomoyo
> discussion list and directly with the tomoyo developers, but at the
> time, the effort went nowhere.

Hi Boruch, I have been working with SELinux for quite a few years now,
and I find it complete and tested on the ground in a manner that trumps
all other players from my POV.

However I am interested in understanding why you say that "Even though
Tomoyo is ridiculously simpler to use than SElinux".

In what ways is Tomoyo simpler ?

I admit I do not know much about tomoyo, but because it is based on file
paths like apprmor I find it is probably inherently less powerful than
SElinux on top of the fact that is certainly a lot less tested, which is
not too good in security related stuff.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>




More information about the Freedombox-discuss mailing list