Hi, i am making a transition to slackware and FreeBSD, due to trying to get away from the NSA SELinux module, and SystemD. i was doing some research to see if the NSA had tinkered with the FreeBSD Kernel as well, and from what i found, it seems like they in fact have.
it seems that the version or name of this module in FreeBSD, is called the Flask module / daemon. and they have embedded it in the FreeBSD Kernel as well as Mac OS X... here is a PDF document talking about it back in 2006:
http://selinuxsymposium.org/2006/slides/02-vance-bsd.pdf
heres a wikipedia article on it..
https://en.wikipedia.org/wiki/FLASK
Flask: Flux Advanced Security Kernel
http://www.cs.utah.edu/flux/fluke/html/flask.html
The Flask Security Architecture: System Support for Diverse Security Policies
https://www.cs.cmu.edu/~dga/papers/flask-usenixsec99.pdf
So i had met an Ex-NSA person, and asked them directly "Is there a back door in the SELinux security module?" his response was "I cannot talk about that..." which indicates to me that there is a pretty good chance that there is.... so if FreeBSD ALSO has this via the Flask module just like redhat it makes me hesitant to use it, as that was part of the reason for getting away from RHEL in the first place....
can anyone here confirm whether or not, it is currently being implemented in FreeBSD 11.2? or in the plans of being implemented in 12?
thanks
- Betzalel Maggid
it seems that the version or name of this module in FreeBSD, is called the Flask module / daemon. and they have embedded it in the FreeBSD Kernel as well as Mac OS X... here is a PDF document talking about it back in 2006:
http://selinuxsymposium.org/2006/slides/02-vance-bsd.pdf
heres a wikipedia article on it..
https://en.wikipedia.org/wiki/FLASK
Flask: Flux Advanced Security Kernel
http://www.cs.utah.edu/flux/fluke/html/flask.html
The Flask Security Architecture: System Support for Diverse Security Policies
https://www.cs.cmu.edu/~dga/papers/flask-usenixsec99.pdf
So i had met an Ex-NSA person, and asked them directly "Is there a back door in the SELinux security module?" his response was "I cannot talk about that..." which indicates to me that there is a pretty good chance that there is.... so if FreeBSD ALSO has this via the Flask module just like redhat it makes me hesitant to use it, as that was part of the reason for getting away from RHEL in the first place....
can anyone here confirm whether or not, it is currently being implemented in FreeBSD 11.2? or in the plans of being implemented in 12?
thanks
- Betzalel Maggid