Kernel space: should security modules be dynamically loadable?
,----[ Quote ]
| The ever-contentious Linux Security Modules (LSM) API is being debated once
| again on linux-kernel, not its removal, which Linus Torvalds came down firmly
| against, but whether it should allow security modules to be loaded
| dynamically.
`----
http://www.linuxworld.com/news/2007/103107-kernel.html?fsrc=rss-linux-news
Just look what the Windows security mess has left all across the Web...
UK.gov lambasted for ignoring peers' cybercrime report
,----[ Quote ]
| A leading security expert has criticised the UK government for ignoring
| recommendations on tackling cybercrime from peers.
`----
http://www.theregister.co.uk/2007/10/30/ukgov_cybercrime_response/
FTC demands bigger spyware penalties
,----[ Quote ]
| US consumer watchdog the Federal Trade Commission (FTC) is calling for a
| bigger stick with which to punish spyware purveyors.
`----
http://www.theregister.co.uk/2007/10/30/ftc_spyware_sanctions/
Related:
Tip of the Trade: SELinux
,----[ Quote ]
| You don't need to be a super-guru to set up a workable SELinux policy, just
| an ordinary, diligent server administrator unafraid to read a bit of
| documentation.
`----
http://www.serverwatch.com/tutorials/article.php/3702626
Linux Application Hardening
,----[ Quote ]
| When we talk about Linux hardening, we typically mean runtime
| application hardening to improve application reliability, leading to expected
| and predictable execution despite undesirable operating conditions (such as
| high memory or network overload).
`----
http://opensource.sys-con.com/read/431838_p.htm
SELinux — is it really too complex?
,----[ Quote ]
| What I discovered is that part of SELinux’s current dilemma is more easily
| fixable than the other, because it has nothing to do with technological chops
| and everything to do with public perception. Jim Klein, the director of
| information services and technology at the California-based Saugus Union
| School District, put it best: “The biggest problem for SELinux is mindshare,”
| Klein told me. “It developed a stigma early on due to the lack of tools for
| configuration and troubleshooting, which led people to simply turn it off.”
| Currently, Klein is one of the many IT guys who has the SELinux switch in
| the “off” position.
`----
http://enterpriselinuxlog.blogs.techtarget.com/2007/09/26/selinux-is-it-really-too-complex/
SELinux vs. OpenBSD's Default Security
,----[ Quote ]
| Darrin Chandler suggested, "security should not be grafted on, it should be
| integrated into the main development process. I'm sure the patch maintainers
| are doing their best, but this doesn't change the fundamental flaw in the
| process. It's not a flaw of their making, it's inherent in the situation. But
| it's still a flaw."
`----
http://kerneltrap.org/OpenBSD/SELinux_vs_OpenBSDs_Default_Security
|
|
