The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.[6] The software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions.

https://en.wikipedia.org/wiki/Security-Enhanced_Linux

  • mariusafa@lemmy.sdf.org
    link
    fedilink
    arrow-up
    26
    arrow-down
    4
    ·
    10 months ago

    If they afterwards released it under a Free (Libre) Software licence then it’s fine. The licence itself prohibites against any obfuscation or combination of obfuscated code with libre one. If you have the entire code, not just some part, as most companies do when go Open Source (not free software), then you don’t have to worry about unknown behavior because everything is in the source.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      1
      ·
      10 months ago

      Also it is no longer under the NSA. The original NSA branding was also removed due to concerns from the community.

    • BorgDrone@lemmy.one
      link
      fedilink
      arrow-up
      11
      ·
      10 months ago

      If you have the entire code, not just some part, as most companies do when go Open Source (not free software), then you don’t have to worry about unknown behavior because everything is in the source.

      Hahaha, good joke

      • mariusafa@lemmy.sdf.org
        link
        fedilink
        arrow-up
        6
        ·
        10 months ago

        I mean if you have the entire source then you have everything to reproduce the program. Finding a malicious part does not only depend on the source but on the inspector, that is true.

        But anyways having the entire code and not just the part that a company feels they may share is better anyways. Even if it’s literally malware.

        The free software community users depend on the community in order to detect malicious code. But at least there’s a source code way of doing so.

        If I tell you that this building has a structural deformation, having the possibility of accesing the architect blueprints and list of materials is better than just being able to go inside the building and try to search for it, no?