> P.S. I have a long bet that SELinux is an NSA backdoor. Any takers?
I don't know if it's an NSA backdoor, but there were several security alerts related to SELinux. I don't understand why all common distros use this. I don't, I compile my kernels from unpatched vanilla source.
There were several security advisories in the past years, of various privilege escalation or other security holes that were actually in SELinux and not present in the vanilla source. I didn't keep a log of the details but you probably can find them in the advisories archives.
I don't remember precisely, just that the proof of concepts simply didn't work on a kernel without SELinux. When the proof of concept is for instance a privilege escalation, this is quite significant.
I don't know if it's an NSA backdoor, but there were several security alerts related to SELinux. I don't understand why all common distros use this. I don't, I compile my kernels from unpatched vanilla source.