[druiid]

Yes, but given that it's open-source I imagine if there was a back-door in it, someone would have found it by now. That said, they could purposefully have excluded security triggers for vulnerable kernel exploits which haven't been found yet... but as far as being some direct back-door in it by now I highly doubt that.

[nivla]

Yes and No. I honestly don't believe there are backdoors in SELinux but it still follows the same path of Truecrypt. A lot of privacy advocates are wary of Truecrypt despite being open source because:

1. No one has yet thoroughly audited the source codes. Its too large and complex that it warrants a good amount of time and money.

2. The identity of the founders/maintainers are unknown.

3. The binary offered for download cannot be efficiently verified to the source.

One of the things I have learned is that just because something is closed source, doesn't mean it has a backdoor and just because something is open source it doesn't mean it is secure. Always assume what you din't write is insecure and proceed accordingly.

[kryten]

Look at the OpenBSD IPsec fiasco and ask yourself that again.

[druiid]

Yeah, and weren't those found to be totally and completely false?

[kryten]

"possibly" is the answer to that question. They found a few flaws but not necessarily anything conclusive.