I have returned from the US and my SE Linux Play Machine [1] is online again.
It was unfortunate that I forgot to pack one of my Play machine shirts, I ended up attending a meeting of the SDForum [2] on the topic of Cloud Security (it was a joint meeting of the Cloud Services and [...]
I’m about to leave for San Francisco, so my SE Linux Play Machine is turned off and will remain off until after I return.
I have just filed Debian bug report #556644 against the version of openssh-server in Debian/Unstable (Squeeze). It has a patch that moves the code to set the SE Linux context for the child process before calling chroot. Without this a chroot environment on a SE Linux system can only work correctly if /proc and [...]
Update:
Thanks to Sven Joachim and Andrew Pollock for informing me about /etc/init.d/mountoverflowtmp which exists to mount a tmpfs named overflow if /tmp is full at boot time. It appears that the system was not compromised. But regular reinstalls are always a good thing.
On the 24th of August this year I noticed the following [...]
For a long time the use of HTTP cookies [1] for tracking the web browsing habits of users has been well known. But I am not aware of any good solution to the problem. A large part of the problem is the needless use of cookies, it seems that many blog servers use [...]
Below is a message from the thanks file on my SE Linux play machine [1]:
Hello from San Juan, Puerto Rico!
I just found out about this server by reading the SELinux book from O’Reilly. The book is pretty old (2004) and I’m glad to know the URL provided on the book still works!
All the best,
I [...]
My SE Linux Play Machine [1] has a file named thanks.txt for users to send messages to me [2].
On a number of occasions people have offered to give me things in exchange for the password for the bofh account (the one with sysadm_r privileges). I’ve been offered stolen credit cards, a ponzi scheme of [...]
When I first started running a SE Linux Play Machine [1] I used passwords such as “123456“. Then for a while I had “selinux” but when I created a T-shirt design (see the main Play Machine page for details) I changed the password to “SELINUX” because that is easier to read on a shirt.
Unfortunately [...]
I previously described four levels of SE Linux support on the desktop [1].
Last night I updated my APT repository of SE Linux packages for Lenny (as described on my document about installing SE Linux [2]). I included a new policy package that supports logging in to a graphical session via gdm in either unconfined_t [...]
As Debian/Lenny has been released and the temperatures in my part of the world are no longer insanely hot I have put my SE Linux Play Machine [1] online again. It is running Debian/Lenny and is a Xen DomU on a Debian/Lenny Dom0.
To get this working I had to make a few more fixes [...]
© 2010 etbe – Russell Coker | Entries (RSS) and Comments (RSS)
