To a certain extent, SELinux is like TPM.

On one hand, it can be used to increase security of your system a lot.

On the other hand, it can be used to lock you out some more. Like from your Linux-running Motorola phone. (Note: this phone is not running SELinux, but some other LSM.)

The combination of both of course increases security even more.

I was wondering if I should maybe start using these on the next server I install. Make a mini boot system with an SSHD and use the TPM module to secure this boot system. Then whenever the system is booted, I connect via SSH to type in the passphrase to unlock the encrypted disks.

So when some police decide to seize a TOR server, they’ll not be able to read any of the data, even when they seize the complete hardware. (Also do read the followup post, that there are probably no charges being pressed against the TOR operators, but the police had to do investigations because of the law.)

The only attack vector (apart from breaking crypto) I see is that they use the TPM to decrypt the boot system’s sshd key, and then set up a modified boot system to capture my passphrase. They’ll probably need more time to set that up than me to be informed the server was seized (or wonder why it’s down). They’re not exactly prepared for such defensive measures, I guess. (And again, what’s the use for them, when I’m most likely just running a TOR exit node there, not logging any of the data passing through?)

OTOH, I’m not planning to set up any server anytime soon, and for a laptop using an encrypted hard drive should be enough. Maybe add some extra SELinux policy to defend against software bugs and maybe keyloggers. Uwe Hermann just measured the overhead and to me this doesn’t look very bad. I mean… it will still be much faster than my current laptop, and this laptop is fast enough for me 99.9% of the time.

[Update: moved to proper tag: selinux, not XML.
You might want to read Harald Welte’s blog (of GPL enforcement fame) for more details on it. Apparently it’s based off a years-old SELinux branch, and the source code is available at Motorola. Yay for companies adhering to the GPL!]