Lintian and Executable StacksLintian and Executable Stacks
Debian has a program called Lintian that is used to search for common bugs in Debian packages. When it encounters a package with a shared object that requests an executable[...]
Tag: Selinux
How SE Linux Prevents Local Root ExploitsHow SE Linux Prevents Local Root Exploits
In a comment on my previous post about SE Linux and worms/trojans [1] a user enquired about which methods of gaining local root are prevented by SE Linux. A local[...]
Can SE Linux Stop a Linux StormCan SE Linux Stop a Linux Storm
Bruce Schneier has just written about the Storm Worm [1] which has apparently been quietly 0wning some Windows machines for most of this year (see the Wikipedia page for more[...]
Executable Stack and Shared ObjectsExecutable Stack and Shared Objects
When running SE Linux you will notice that most applications are not permitted to run with an executable stack. One example of this is libsmpeg0 which is used by the[...]
Context of /dev/xvc0Context of /dev/xvc0
I have just converted a Fedora Core 5 server to a CentOS 5 Xen Dom0 with Fedora Core 5 as a DomU. The process took a little longer than expected[...]
Multiple Pointers in XMultiple Pointers in X
After having read Brice Goglin’s post about what to expect in X for Lenny [1] the thing that seemed most exciting is the support for Multi-Pointer X [2]. This allows[...]
Is SE Linux only for Linux?Is SE Linux only for Linux?
I have just been asked for advice on whether SE Linux is Linux specific, and therefore whether code related to SE Linux should always be stored with other Linux specific[...]
SE Linux vs chrootSE Linux vs chroot
A question that is often asked is whether to use SE Linux or a chroot to restrict a program. In Unix chroot is a way of running a program with[...]
When to Use SE LinuxWhen to Use SE Linux
Recently someone asked on IRC whether they should use SE Linux on a web server machine (that is being used for no other purpose) and then went on to add[...]
SE Linux shirts for sale!SE Linux shirts for sale!
Faye and I have created Cafepress stores selling shirts and other things with SE Linux logos, here are the two designs: Play Machine SE Linux MLS There are shirts, coffee[...]