The benefits of SE LinuxThe benefits of SE Linux
Today I discovered a bug in one of my programs, it called system() and didn’t correctly escape shell eta-characters. Fortunately I had written custom SE Linux policy for it which[...]
Category: Security
Ruxcon and SLUGRuxcon and SLUG
This weekend I was in Sydney for Ruxcon. Ruxcon is a computer security conference with a focus on penetration testing and related skills. The presentation on Unusual Bugs by Ilya[...]
SAK, ctrl-alt-del, and Linux keyboard mappingSAK, ctrl-alt-del, and Linux keyboard mapping
A common problem with Linux systems is when Windows users press CTRL-ALT-DEL at the login prompt and reboot the machine. To fix this some people change the ^ca line in[...]
tcpdump and pstcpdump and ps
Today I was doing some network tracing and figured out how to track the start and end of TCP connections. The following tcpdump command will get all SYN, FIN, and[...]
sendmail – the MTA for insecure systemssendmail – the MTA for insecure systems
Sendmail is the most prevalent Unix MTA. It is the oldest MTA and is still one of the most powerful ones that are available. However it has never been known[...]
SE Linux is like a moat filled with sharks with laser attached head gearSE Linux is like a moat filled with sharks with laser attached head gear
Here’s an interesting blog entry comparing SE Linux and AppArmor. It has some amusing comments, one of which I used for the title of this entry. There are two things[...]
Debian SE LinuxDebian SE Linux
Yesterday Erich Schubert blogged about reducing Debian SE Linux work due to lack of hardware. To solve such problems I’ve put a Debian/unstable machine on the net and given Erich[...]
planet debian, spam, and SE Linuxplanet debian, spam, and SE Linux
In regard to my post yesterday about Planet Debian I received the following response: James Purser said I’m betting that your feed is an atom feed. We had the same[...]
combining two domains in SE Linuxcombining two domains in SE Linux
To get the maximum value out of my writing when I am asked a question that is of general interest in private mail I will (without in any way identifying[...]
more security foolishnessmore security foolishness
Dutch police arrested 12 people for acting suspiciously on a flight to India. A passenger said “They were not paying attention to what the flight attendents were saying”, I don’t[...]