My argument means no such thing. I said that Linux is versatile and modular and people have already done the work required, and that it EASES the ability to continue to expand on its capabilities. Thank you for detracting from it FURTHER by continuing to ignore the actual points and instead doing exactly what you are accusing me of.
Originally posted here by catch
chsh, by that argument anything could be anything.
Even assuming I had said something which I didn't (as you seem to believe), the fact remains that security is entirely about taking one thing and, using available tools, turning it into another.
With enough investment, you could turn anything into anything else. Does this really contribute to the conversation at hand? It seems to be more in the spirit of arguing and less in the spirit of a conversation about OS security.
You mean changes that are actually present in "shipping official kernels" are somehow not considered linux, even though that is what he earlier stated?
Linux was used as a sample that members would be familiar with. To this end catch used what he believed to be the most commonly known and accepted definition of Linux. What is more, it is his belief that the changes Linux requires to add such capabilities make the whole subject a very gray area and that these systems, most of which are not considered to be commercial level products, must be considered separately from traditional Linux.
If it was included in Windows 2000 SP3 or something along those lines it would. Catch's argument (and yours, whomever you may be, and whyever you feel the need to discuss in his stead) is extremely flawed because the work is already done. If it was something that "someone could write" I'm inclined to agree, but again I must reiterate it was catch who broached the topic of "abstract" security -- that is, taking a box and making it as secure as possible, default configurations ignored. I don't see what's so hard about saying "I didn't know the SELinux mandatory ACL stuff had been contributed to kernel.org" and just being done with it, which is really what it boils down to in this instance.
As said above, anything can be made into anything with enough resources. You can add mandatory access controls to Windows 95 if you really wanted to, the fact that it is closed source makes no difference. There are even patches to add mandatory access controls to Windows 2000, should this be part of Windows 2000's working definition? With enough time and effort you could turn "Hello World" into an A1 OS, but is that really useful to keep on the table when discussing OS security?
You say nebulous, I say "correct". Scary word, yes, however I don't think it's too much to ask to do a bit of research before posting a tutorial like this and proceeding to litter it with incorrect examples that are apparently based on assumption and lack of research. This isn't really a flame, and I encourage you to re-read the history of this thread and make a genuine effort to come to an understanding of what I'm saying.
If the most you have to contribute is nitpicking over the desire for catch to have used far more nebulous definitions, and the inclusion of every obscure research project ever into those definitions, please just stop. It does no one any favors.
It was brought to my attention earlier that catch had been linked several bits of relevant information from another member who refrained from participating in this thread, and catch seems to have summarily dismissed it or felt it better to simply act ignorant. I guess he really wasn't that interested in constructive discussion, and was more just up for a good trolling. Oh well, he hasn't changed a bit I see.