Local policy management script

I've written a small script that I call selocal which manages locally needed SELinux rules. It allows me to add or remove SELinux rules from the command line and have them loaded up without needing to edit a .te file and building the .pp file manually. If you are interested …

more ...

Gentoo Hardened progress meeting

Not that long ago we had our monthly Gentoo Hardened project meeting (on October 3rd to be exact). On these meetings, we discuss the progress of the project since the last meeting.

For our toolchain domain, Zorry reported that the PIE patchset is updated for GCC, fixing bug #436924. Blueness …

more ...

git patch apply

I recently had to merge the changes made to an upstream project with a local repository. I took out the changes as patches through git format-patch (as the local repository isn't a clone of the remote one so I couldn't just create a branch and merge) and hoped to apply …

more ...

Perimeter security testing

I've been asked a few times how I would do perimeter security testing. Personally, I'm not an offensive security guy, more a defensive one, meaning I'm more about security-related defensive methods rather than PEN testing of any kind. But still, even in a defensive position, having a "view" on how …

more ...

Gentoo Hardened in August

Last wednesday Gentoo Hardened held its monthly online meeting to discuss the progress of the various subprojects, reconfirm the current project leads, talk about potential new projects and discuss some bugs that were getting on our nerves...

For the project leads, all current leads were reconfirmed: Zorry will keep tight …

more ...

Lots of work on supporting swig-2

The SELinux setools package provides a few of the commands I used the most when working with SELinux: sesearch for looking through the policy and seinfo to get information on type/attribute/role/... from the currently loaded policy.

This package uses swig, the Simplified (sic) Wrapper and Interface Generator to …

more ...



Gentoo Hardened on the move

Gentoo Hardened is thriving and going forward. For those that don't exactly know what Gentoo Hardened is - it is a Gentoo project dedicated to bring Gentoo in a shape ready for highly secure, high stability production server environments. This is what we live by, and why we do what we …

more ...