LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Blogs
Reload this Page Blog Entries
User Name
Password

Notices


Old

sshd chroot jails based on hostname and SELinux

Posted 04-01-2013 at 10:46 AM by sag47
Updated 04-01-2013 at 10:51 AM by sag47
Why chroot jails based on host name?
If you don't care about the background info just jump to Setting up sshd chroot jail and SELinux.

So I have started configuring automated deployments through my organization using a continuous integration server called Jenkins. I'll post more on Jenkins regularly so that eventually you can have a series of posts which wrap up into a nice and secure howto for Jenkins. So here's why I want chroot jails based on host names.

...
Continue reading...
Senior Member
Views 8751 Comments 0 sag47 is offline
Old

Dance with the Devil: UEFI: Getting MS to sign our Pre-bootloader

Posted 11-21-2012 at 01:50 PM by hydraMax (Bits and Pixels)
Updated 11-23-2012 at 11:45 PM by hydraMax
Found this hilarious, and sickening, link on Slashdot:

http://blog.hansenpartnership.com/ad...-uefi-signing/

It's an article written by the poor guy who is trying to get the Linux Foundation's pre-bootloader signed by Microsoft, so we all can install Linux on Microsoft-approved hardware (without disabling UEFI secure boot manually). Describes all the steps he had to go through, compromises he had to make, and agreements he had to sign in the process....
Continue reading...
Member
Posted in Uncategorized
Views 5986 Comments 1 hydraMax is offline
Old

UFEI Secure Boot: An Understandable Explanation

Posted 11-12-2012 at 05:13 PM by hydraMax (Bits and Pixels)
Updated 11-21-2012 at 01:56 PM by hydraMax
Tags security
http://faif.us/cast/2012/sep/27/0x32/

This oggcast contains Matthew Garrett's discussion of UEFI and Secure Boot. It is the first explanation I've heard on the subject that really came across clearly.
Member
Posted in Uncategorized
Views 1310 Comments 0 hydraMax is offline
Old

People are still using Java...?!

Posted 09-02-2012 at 12:03 AM by hydraMax (Bits and Pixels)
I thought a few lines from this last report about a Java vulnerability were rather humorous:

http://www.theregister.co.uk/2012/08..._patched_java/

Quote:
Security Explorations, the Polish security startup that discovered the Java SE 7 vulnerabilities that have been the targets of recent web-based exploits, has spotted a new flaw that affects the patched version of Java released this Thursday....

As in the case of the earlier vulnerabilities,
...
Continue reading...
Member
Posted in Uncategorized
Views 5909 Comments 1 hydraMax is offline
Old

SELinux and Icinga

Posted 08-05-2012 at 12:39 AM by sag47
Updated 08-05-2012 at 12:57 AM by sag47
Today I ran into an SELinux problem when installing icinga. I followed their documentation "Adjusting the SELinux settings". However my cgis still would not run. When I ran,
Code:
cat /var/log/audit/audit.log | audit2allow -v
I received the following output,
Code:
#============= httpd_sys_script_t ==============
# src="httpd_sys_script_t" tgt="initrc_tmp_t" class="file", perms="{ read getattr open }"
# comm="tac.cgi"
...
Continue reading...
Senior Member
Views 118652 Comments 3 sag47 is offline
Page 2 of 7 1 2 34 Last »

  



All times are GMT -5. The time now is 10:59 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration