this post was submitted on 09 Feb 2025

139 points (100.0% liked)

Open Source

33279 readers

289 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml

139

TIL the NSA created SELinux and various other FOSS projects (code.nsa.gov)

submitted 2 weeks ago by potentiallynotfelix@lemmy.fish to c/opensource@lemmy.ml

17 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] homura1650@lemmy.world 18 points 2 weeks ago (1 children)

Also, AppArmor might not exist without SELinux.

When the NSA first implemented SELinux, they did so directly, but were not able to get that merged into mainline because there was concern that SELinux was not the correct solution.

What they ended up doing was creating the Linux Security Modules (LSM) framework, which is just a bunch of hooks in the kernel that a module can implement. SELinux was then rewritten as LSM module. This allowed other solutions like AppArmor to be implemented without any invasive work; they could just plug into the same system SELinux used.

Some time later, the ability to run multiple LSMs at once was added.

Incidentally, Linux capabilities are also implemented as an LSM.

[–] mholiv@lemmy.world 5 points 2 weeks ago

TIL. Very cool.