-
Archives
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- February 2010
- January 2010
- December 2009
- October 2009
- September 2009
- August 2009
- April 2009
- February 2009
- December 2008
- September 2008
- August 2008
-
Meta
Category Archives: Hardened
SELinux Gentoo/Hardened state 2011-12-19
On december 14th, the Gentoo Hardened project had its monthly online meeting to discuss the current state of affairs of its projects and subprojects. Amongst them, the updates on the SELinux-front were presented as well. Since last meeting, the follow … Continue reading
Posted in Hardened, SELinux
2 Comments
SELinux Gentoo/Hardened state 2011-11-17
A small write-down on the Gentoo Hardened SELinux state-of-affairs, largely triggered because there was an online meeting for the Gentoo Hardened project today. The SELinux policies offered in the sec-policy category are based on the latest refpolicy release. The older … Continue reading
Posted in Hardened
Leave a comment
Gentoo Security Benchmark with OVAL and Open-SCAP
A while ago, I got referred to the Open Vulnerability and Assessment Language, which seems to be an open specification (or even standard) for defining security content/information and being able to document such things in a way that tools can … Continue reading
Posted in Gentoo, Hardened, Security
Leave a comment
SELinux’ 2011/07 releases now stable
A few minutes ago, I stabilized both the 2.20110726 policies as well as the SELinux userspace utilities that were stable (upstream) on 20110727. With the change, I also updated the Gentoo SELinux Handbook with the changes I presented on our … Continue reading
Posted in Hardened, SELinux
Leave a comment
Gentoo Hardened SELinux policies, rev 5
I’ve pushed out selinux-base-policy version 2.20110726-r5 to the hardened-dev overlay. It does not hold huge changes, most of them are rewrites or updates on pre-existing patches (on the SELinux policies) to make them conform the refpolicy naming conventions and other … Continue reading
Posted in Hardened, SELinux
Leave a comment
Quickly setup a Gentoo system
In order to verify if the installation instructions in the Gentoo Handbook are still valid, and to allow me to quickly seed new Gentoo installations in a virtual environment, I wrote a very ugly (really) script to automatically “stage” a … Continue reading
Posted in Gentoo, Hardened
7 Comments
Mitigating risks, part 4 – Mandatory Access Control
I’ve talked about service isolation earlier and the risks that it helps to mitigate. However, many applications still run as highly privileged accounts, or can be abused to execute more functions than intended. Service isolation doesn’t help there, and system … Continue reading
Posted in Architecture, Hardened, Security, SELinux
1 Comment
Now using refpolicy 2.20110726
A few days ago, I committed the SELinux policy modules that are based on the 2.20110726 set released upstream. For those that are using Gentoo Hardened with SELinux, you’ll find them if you use the ~arch set for the sec-policy … Continue reading
Posted in Hardened, SELinux
Leave a comment
Easy documentation updates thanks to the many contributions
As mentioned previously, I took a stab at the Gentoo Guide to OpenLDAP Authentication, updating its configuration settings as well as give an introduction to its replication mechanism. Although I am no OpenLDAP guru at all, I set up a … Continue reading
Posted in Gentoo, Hardened, SELinux
Leave a comment
Ready, set, commit!
Yesterday, I have entered the realms of Gentoo Development again. But as it was getting late then, I had to wait before the first commits happened. So this evening, things were done. The first couple of documentation bugs (mostly related … Continue reading
Posted in Hardened
2 Comments