RPC and SE LinuxRPC and SE Linux
One ongoing problem with TCP networking is the combination of RPC services and port based services on the same host. If you have an RPC service that uses a port[...]
Category: Security
DKIM and Mailing ListsDKIM and Mailing Lists
Currently we have a problem with the Debian list server and Gmail. Gmail signs all mail that it sends with both DKIM and DomainKeys (DomainKeys has been obsoleted by DKIM[...]
Never Trust a DRM VendorNever Trust a DRM Vendor
I was reading an interesting post about predicting the results of the invasion of Iraq [1]. One of the points made was that the author rejected every statement by a[...]
OpenID DelegationOpenID Delegation
I’ve just installed Eran Sandler’s OpenID Delegation Plugin [1]. This means that I can now use my blog URL for OpenID authentication. I’ve also included the plugin in my WordPress[...]
An Update on DKIM Signing and SE Linux PolicyAn Update on DKIM Signing and SE Linux Policy
In my previous post about DKIM [1] I forgot to mention one critical item, how to get Postfix to actually talk to the DKIM milter. This wasn’t a bad thing[...]
Play Machine UpdatePlay Machine Update
My Play Machine [1] was offline for most of the past 48 hours (it’s up again now). I have upgraded the hardware for the Dom0 used to run it so[...]
Installing DKIM and Postfix in DebianInstalling DKIM and Postfix in Debian
I have just installed Domain Key Identified Mail (DKIM) [1] on my mail server. In summary the purpose is to allow public-key signing of all mail that goes out from[...]
Fixing execmod (textrel) Problems in LennyFixing execmod (textrel) Problems in Lenny
I’ve just updated my repository of SE Linux related packages for Lenny [1] to include a set of ffmpeg packages modified to not need text relocations (execmod access under SE[...]
Execmod and SE Linux – i386 Must DieExecmod and SE Linux – i386 Must Die
I have previously written about the execmod permission check in SE Linux [1] and in a post about SE Linux on the desktop I linked to some bug reports about[...]
SE Linux in Lenny status – Achieved Level 1SE Linux in Lenny status – Achieved Level 1
I previously described the goals for SE Linux development in Lenny and assigned numbers to the levels of support [1]. I have just uploaded a new policy to unstable which[...]