Execmod and SE Linux – i386 Must DieExecmod and SE Linux – i386 Must Die
I have previously written about the execmod permission check in SE Linux [1] and in a post about SE Linux on the desktop I linked to some bug reports about[...]
Efficiency of Cooling ServersEfficiency of Cooling Servers
One thing I had wondered was why home air-conditioning systems are more efficient than air-conditioning systems for server rooms. I received some advice on this matter from the manager of[...]
SE Linux in Lenny status – Achieved Level 1SE Linux in Lenny status – Achieved Level 1
I previously described the goals for SE Linux development in Lenny and assigned numbers to the levels of support [1]. I have just uploaded a new policy to unstable which[...]
Random Opinions, Expert Opinions, and Facts about AppArmorRandom Opinions, Expert Opinions, and Facts about AppArmor
My previous post titled AppArmor is Dead [1] has inspired a number of reactions. Some of them have been unsubstantiated opinions, well everyone has an opinion so this doesn’t mean[...]
Google Chrome – the Security ImplicationsGoogle Chrome – the Security Implications
Google have announced a new web browser – Chrome [1]. It is not available for download yet, currently there is only a comic book explaining how it will work [2].[...]
Links August 2008Links August 2008
Michael Janke is writing a series of posts about estimating availability of systems, here is a link to the introduction [1]. He covers lots of things that people often miss[...]
Improving Blog Latency to Benefit ReadersImproving Blog Latency to Benefit Readers
I just read an interesting post about latency and how it affects web sites [1]. The post has some good ideas but unfortunately mixed information on some esoteric technologies such[...]
Swapping to a Floppy DiskSwapping to a Floppy Disk
In the mid 90’s I was part-owner of a small ISP. We had given out Trumpet Winsock [1] to a large number of customers and couldn’t convert them to anything[...]
Killing Servers with Virtualisation and SwapKilling Servers with Virtualisation and Swap
The Problem: A problem with virtual machines is the fact that one rogue DomU can destroy the performance of all the others by inappropriate resource use. CPU scheduling is designed[...]
Is SE Linux Unixish?Is SE Linux Unixish?
In a comment on my AppArmor is dead post [1] someone complained that SE Linux is not “Unixish“. The security model in Unix is almost exclusively Discretionary Access Control (DAC)[...]