15 Dec
I have returned from the US and my SE Linux Play Machine [1] is online again.
It was unfortunate that I forgot to pack one of my Play machine shirts, I ended up attending a meeting of the SDForum [2] on the topic of Cloud Security (it was a joint meeting of the Cloud Services and [...]
Posted in Security by: etbe
No Comments
29 Nov
I’m about to leave for San Francisco, so my SE Linux Play Machine is turned off and will remain off until after I return.
Posted in Security by: etbe
No Comments
17 Nov
I have just filed Debian bug report #556644 against the version of openssh-server in Debian/Unstable (Squeeze). It has a patch that moves the code to set the SE Linux context for the child process before calling chroot. Without this a chroot environment on a SE Linux system can only work correctly if /proc and [...]
Posted in Security by: etbe
1 Comment
28 Oct
Update:
Thanks to Sven Joachim and Andrew Pollock for informing me about /etc/init.d/mountoverflowtmp which exists to mount a tmpfs named overflow if /tmp is full at boot time. It appears that the system was not compromised. But regular reinstalls are always a good thing.
On the 24th of August this year I noticed the following [...]
Posted in Security by: etbe
3 Comments
04 Sep
Jetstar has announced some new changes to the way they manage their IT infrastructure [1]. Some parts of it are obvious things that people have been doing (or wanting to do) for a long time – such as using thin clients with no moving parts (not even cooling fans).
But the really interesting part is [...]
Posted in Career, Security by: etbe
12 Comments
29 Aug
The CK12 project is developing free (CC by SA) textbooks for the K-12 market (with a current focus on the early years of high school) [1]. Their primary aim seems to be flex-books – text books that can be localised and modified to better suit the needs of the students. But of course [...]
Posted in Liberty, Security by: etbe
2 Comments
20 Aug
I predict that over the course of the next 10 years there will be more security problems discovered in Sendmail than in Postfix and Qmail combined. I predict that the Sendmail problems will be greater in number and severity.
I also predict that today’s versions of Postfix and Qmail will still be usable in 10 [...]
Posted in Prediction, Security by: etbe
6 Comments
18 Aug
For a long time the use of HTTP cookies [1] for tracking the web browsing habits of users has been well known. But I am not aware of any good solution to the problem. A large part of the problem is the needless use of cookies, it seems that many blog servers use [...]
Posted in Security by: etbe
2 Comments
17 Aug
Below is a message from the thanks file on my SE Linux play machine [1]:
Hello from San Juan, Puerto Rico!
I just found out about this server by reading the SELinux book from O’Reilly. The book is pretty old (2004) and I’m glad to know the URL provided on the book still works!
All the best,
I [...]
Posted in Security by: etbe
2 Comments
29 Jul
A few weeks ago I had a guy from “enviro saver” visit my home to replace incandescent globes with CFLs. The original plan was to deliver a water-saver shower head as well but he told me that because I have solar hot water there are no renewable energy certificates in installing a shower head so [...]
Posted in Security by: etbe
Comments Off