Mandatory Access Control (MAC) / security architecture / SElinux
asked 2019-07-26 20:16:27 +0300
The "[changelog] 3.1.0 Seitseminen" is mentioning that libselinux packages were removed [1].
Does this means that SElinux will never be implemented into SFOS? No Mandatory Access Control (MAC) as access control security feature? What else will be conceptual part of the security architecture of SFOS? Especially this https://blog.jolla.com/sailfishos-security-dataprivacy/ blog post is mentioning "a new security architecture". On what is this one based? I'd really appreciate any input about that (links, thoughts, official statement etc.). Thanks!
[1] https://together.jolla.com/question/208531/changelog-310-seitseminen/#208531-libselinux
I don't know what Jolla's plan is, but in the Android support SELinux is actually used, to the point that we have to watch out when modifying the system.img (e.g. to add extra frameworks) to not break stuff (e.g.: thre logd deamon gets selinux admin capabilities through extended attributes).
DrYak ( 2019-07-27 09:50:04 +0300 )edit