Author Archives: swift

This months’ stabilization done, more to come

Posted on January 29, 2012 by swift

A small notification to tell you that the SELinux policies that were pushed to the main tree 30 days (or more) ago have now been stabilized (none of them introduced problems, although some of them have other bugs still open … Continue reading →

Posted in Hardened | Leave a comment

Trying out initramfs with selinux and grsec

Posted on January 15, 2012 by swift

I’m no fan of initramfs. All my systems boot up just fine without it, so I often see it as an additional layer of obfuscation. But there are definitely cases where initramfs is needed, and from the looks of it, … Continue reading →

Posted in Hardened, SELinux | 9 Comments

Unix domain sockets are files

Posted on December 31, 2011 by swift

Probably not a first for many seasoned Linux administrators, and probably not correct accordingly to more advanced users than myself, but I just found out that Unix domain sockets are files. Even when they’re not. I have been looking at … Continue reading →

Posted in SELinux | Leave a comment

Gentoo WiKi & Knowledge Base

Posted on December 26, 2011 by swift

I have been playing with the Gentoo Wiki the last few days and am very impressed with the work that both the wiki teams as well as existing contributors have already done to the place. The look and feel is … Continue reading →

Posted in Gentoo | 4 Comments

Supporting fix scripts for XCCDF content and maintaining the documents

Posted on December 23, 2011 by swift

One of the features supported through OVAL (and Open-SCAP) is to generate fix scripts when a test has failed. The administrator can then verify this script (of course) and then execute it to correct wrong settings. So I decided to … Continue reading →

Posted in Gentoo | 2 Comments

SELinux Gentoo/Hardened state 2011-12-19

Posted on December 19, 2011 by swift

On december 14th, the Gentoo Hardened project had its monthly online meeting to discuss the current state of affairs of its projects and subprojects. Amongst them, the updates on the SELinux-front were presented as well. Since last meeting, the follow … Continue reading →

Posted in Hardened, SELinux | 2 Comments

Supporting CC-BY-SA 3.0

Posted on November 29, 2011 by swift

Until now, documents on the Gentoo website all had to be licensed under the Creative Commons Attribution/Share Alike license, version 2.5. Why? Because at the time of the license choice, that was probably the latest version at hand. In the … Continue reading →

Posted in Gentoo | Leave a comment

SELinux Gentoo/Hardened state 2011-11-17

Posted on November 17, 2011 by swift

A small write-down on the Gentoo Hardened SELinux state-of-affairs, largely triggered because there was an online meeting for the Gentoo Hardened project today. The SELinux policies offered in the sec-policy category are based on the latest refpolicy release. The older … Continue reading →

Posted in Hardened | Leave a comment

Gentoo Security Benchmark with OVAL and Open-SCAP

Posted on November 16, 2011 by swift

A while ago, I got referred to the Open Vulnerability and Assessment Language, which seems to be an open specification (or even standard) for defining security content/information and being able to document such things in a way that tools can … Continue reading →

Posted in Gentoo, Hardened, Security | Leave a comment

Centers of Excellence

Posted on October 25, 2011 by swift

When dealing with software (I’ll talk about software here, but the information is applicable to most technologies, such as appliances and operating systems) many organizations want to have “centers of excellence” with respect to the software. These teams are responsible … Continue reading →

Posted in Analysis | Leave a comment

Author Archives: swift

Archives

Meta