Archives

Categories

Yubikeys Have Arrived

In my previous post about the Yubikey I suggested that computer users’ groups should arrange bulk purchases to get the best prices [1]. I ran such a buying club for Linux users in Australia as well as members of SAGE-AU [2].

The keys have arrived and I now have to start posting them out. […]

Creating a SE Linux Chroot environment

Why use a Chroot environment?

A large part of the use of chroot environments is for the purpose of security, it used to be the only way of isolating a user from a section of the files on a server. In many of the cases where a chroot used to be used for security it […]

Links July 2010

David Byrne gave an interesting TED talk about how changes to architecture drove changes to musical styles [1]. I think he does stretch the point a little. To a certain extent people develop the most complex instruments and the largest music halls that can be supported by the level of technology in their society – […]

SE Linux status in Debian/Squeeze

ffmpeg

I’ve updated my SE Linux repository for Squeeze to include a modified version of the ffmpeg packages without MMX support for the i386 architecture. When MMX support is enabled it uses assembler code which requires text relocations (see Ulrich Drepper’s documentation for the explanation of this [1]). This makes it possible to run programs […]

SE Linux audit2allow -R and Milter policy

Since the earliest days there has been a command named audit2allow that takes audit messages of operations that SE Linux denied and produces policy that will permit those operations. A lesser known option for this program is the “-R” option to use the interfaces from the Reference Policy (the newer version of the policy that […]

Digital Video Cameras

I’ve just done some quick research on Digital Video Cameras for some relatives. It seems to me that the main feature that is necessary is Full HD (1920*1080) resolution as everyone seems to be getting 1920*1080 resolution monitors (getting smaller doesn’t save enough money to be worth-while). Resolutions higher than 1920*1080 will probably available in […]

Tracking down Write/Execute mmap() calls with LD_PRELOAD

One of the access controls in SE Linux is for execmem – which is used to stop processes from creating memory regions that are writable and executable (as they make it easier to compromise programs and get them to execute supplied code). When the SE Linux audit log tells you that a program is attempting […]

Is Lebara the Cheapest Mobile Phone company in Australia?

My parents have just got a mobile phone with a Lebara pre-paid SIM [1]. Lebara advertise free calls to other Lebara phones but have a disclaimer that they charge a 25 cent flagfall and charge 15 cents per minute after the first 10 minutes – which is still cheaper than most mobile calls although not […]

libcsoap/libnanohttp

Recently I have been doing a bit of work on libcsoap (the C library for making SOAP XML calls over http) and the libnanohttp library that it depends on. The most important part of my work on it was making it thread-safe with the technique I described in my post about finding thread unsafe code […]