Kernel security modules

redpill me on kernel security modules
grsecurity, seccomp, selinux, tomoyo, the works

grsecurity, autistic garbage
seccomp, old but reliable
selinux, Made by NSA
tomoyo, ancient shit

>>2
wouldn't the NSA want to keep their shit secure?
or are you implying that they backdoor selinux?

>>3
Do you believe they really want a more secure Linux, just out of their sympathy for open source?

>>4
they need their own shit to be secure
why do you think everything is a conspiracy?
you don't need elaborate 0-days when CVEs and phishing are good enough 99% of the time
besides, isn't selinux open source? people can audit the source code

I don't mean to sound like an NSA shill, but I try to be rational instead of mindlessly paranoid

>>5
>they need their own shit to be secure
That would be classified and private version of Linux.
>why do you think everything is a conspiracy?
Because I have the minimal IQ required to see the pattern.
>you don't need elaborate 0-days when CVEs and phishing are good enough 99% of the time
High-value targets often have competent and secure systems administrators
>besides, isn't selinux open source? people can audit the source code
It could interact with NSA-rooted hardware in non-obvious way or contain a clever flaw that exploits some hardware/software deficiency not known in the mainstream

>I don't mean to sound like an NSA shill, but I try to be rational instead of mindlessly paranoid
t. 10 shekels have been deposited into your account.

what about systemd? due to scope creep, it is a colonel security module now

>>7
does systemd have kernel components? that's terrifying

>>8

https://en.wikipedia.org/wiki/Udev

I'd just like to interject for a moment. What you're referring to as Linux, is in fact, SystemD/Linux, or as I've recently taken to calling it, SystemD plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning SystemD system made useful by the SystemD daemons, SD-bus and libraries, config utilities and vital system components(such as udev) comprising a full OS as defined by POSIX.
Many computer users run a modified version of the SystemD system every day, without realizing it. Through a peculiar turn of events, the version of SystemD which is widely used today is often called "Linux", and many of its users are not aware that it is basically the SystemD system, developed by the GNU Project.
There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the SystemD operating system: the whole system is basically SystemD with Linux added, or SystemD/Linux. All the so-called "Linux" distributions are really distributions of SystemD/Linux.
Educate yourself
https://github.com/systemd/systemd

dubsecurity is the best module