-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tresys VM Fortress

,----[ Quote ]
| Tresys recently launched VM Fortress, a product based upon work done at the
| U.S. government’s National Security Agency and has been made available as
| SELinux.VM Fortress is designed to enhance virtual machine security “by
| confining virtual machines in a patent-pending sandboxing mechanism.
`----

http://blogs.zdnet.com/virtualization/?p=461

Zero Ballistics Beta for Linux available

,----[ Quote ]
| Zero Ballistics is a unique blend of first person shooter and tank combat,
| focusing on multiplayer gaming exclusively. An open beta version is now
| available and - surprise, surprise - there is a Linux client available!
`----

http://www.linux-gamers.net/modules/...p?storyid=2454


Recent:

Ubuntu gets SELinux

,----[ Quote ]
| It's official: SELinux is now available in the Ubuntu development ("Hardy
| Heron") distribution. "This is the result of the amazing work of the
| ubuntu-security and ubuntu-hardened teams, as well as the huge contributions
| from the folks at Tresys. (note: SELinux will not be the default, but is
| available as a security option.)" Installing it is a simple apt operation. * *
`----

http://lwn.net/Articles/273992/


Related:

A seatbelt for server software: SELinux blocks real-world exploits

,----[ Quote ]
| A security framework originally published by the US National Security Agency
| has begun to rack up an impressive list of protections agains security holes.
`----

http://www.linuxworld.com/news/2008/...s-linux-redhat


SELinux

,----[ Quote ]
| We all appreciate that when we turn on our Linux systems they're pretty
| secure. Thanks to continuing improvements to SELinux, it is increasingly easy
| for users to take advantage of this powerful security tool. Read on to find
| an interview with Daniel Walsh, the principal developer of SELinux in Fedora
| from Red Hat, where he tells us more about what SELinux does and how it's
| improved in Fedora 8. At the end of the article are some screenshots which
| show-off the new policy creation GUI. * * *
`----

http://fedoraproject.org/wiki/Interviews/SELinux


Related:

Tip of the Trade: SELinux *

,----[ Quote ]
| You don't need to be a super-guru to set up a workable SELinux policy, just
| an ordinary, diligent server administrator unafraid to read a bit of *
| documentation.
`----

http://www.serverwatch.com/tutorials...le.php/3702626


Linux Application Hardening

,----[ Quote ]
| When we talk about Linux hardening, we typically mean runtime
| application hardening to improve application reliability, leading to expected
| and predictable execution despite undesirable operating conditions (such as
| high memory or network overload). * *
`----

http://opensource.sys-con.com/read/431838_p.htm


SELinux — is it really too complex?

,----[ Quote ]
| What I discovered is that part of SELinux’s current dilemma is more easily
| fixable than the other, because it has nothing to do with technological chops
| and everything to do with public perception. Jim Klein, the director of
| information services and technology at the California-based Saugus Union
| School District, put it best: “The biggest problem for SELinux is mindshare,” *
| Klein told me. “It developed a stigma early on due to the lack of tools for
| configuration and troubleshooting, which led people to simply turn it off.”
| Currently, Klein is one of the many IT guys who has the SELinux switch in
| the “off” position. * * *
`----

http://enterpriselinuxlog.blogs.tech...y-too-complex/


SELinux vs. OpenBSD's Default Security

,----[ Quote ]
| Darrin Chandler suggested, "security should not be grafted on, it should be
| integrated into the main development process. I'm sure the patch maintainers
| are doing their best, but this doesn't change the fundamental flaw in the
| process. It's not a flaw of their making, it's inherent in the situation. But
| it's still a flaw." * *
`----

http://kerneltrap.org/OpenBSD/SELinu...fault_Security


Is SE Linux only for Linux?

,----[ Quote ]
| Sun is also apparently considering adding type-enforcement to Solaris. It’s
| yet to be seen whether this happens and if so whether it is compatible with
| SE Linux. *
|
| So it seems that a significant portion of the SE Linux code base is portable,
| and in particular the user-space code should port well. The interfaces for
| and methods labelling files etc should port well between platforms. Therefore
| I recommend not having SE Linux code split into Linux specific trees and
| instead having a compile option to enable SE Linux support. * *
`----

http://etbe.coker.com.au/2007/08/31/...nly-for-linux/


RSBAC 1.3 Series Released

,----[ Quote ]
| RSBAC, a European security solution similar to SELinux, has released
| the latest stable 1.3 series.
`----

http://www.osnews.com/story.php/1803...ries-Released/


Five ways SELinux may surprise you

,----[ Quote ]
| What you may not realize is all the ways SELinux is being applied to
| a variety of security challenges. Just because SELinux was initially
| developed by the military does not mean it is only useful to
| complicated security problems and large-budget organizations -- SELinux
| is for you too. And despite what you might have heard, you don't need to
| be an expert to reap the benefits of SELinux's powerful protection
| features.
`----

http://searchenterpriselinux.techtar...253747,00.html


What's new in SELinux for Red Hat Enterprise Linux 5?

,----[ Quote ]
| Lets take a look at SELinux, how it works, and what makes it effective.
| And why it should matter to you.
`----

http://www.redhatmagazine.com/2007/0...prise-linux-5/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIYovMU4xAY3RXLo4RAsbZAKCyAjgcRQWkZyEVL5xdz5 pDklNMxQCfSork
Pwvd6AGrmkR0jL80p5vkeek=
=tB4g
-----END PGP SIGNATURE-----