Open Source
Open source software. Issues, software and news of note.

 
Home

Broadcast Flag

Privacy Digest

Children's Books

DVD & VHS Movies

Cool Electronics

Video Games

Lots Of Good Deals

Jewelry

Gourmet Foods

Beauty

Lots Of Good Books(Law)

Lots Of Good Books(Health)

Lots Of Good Books(Medicine)

Lots Of Good Books(Biography)

Lots Of Good Books(Law)


Subscribe to "Open Source" in Radio UserLand.

Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.

 
 

  Thursday, March 15, 2007

SELinux by Example. (Book Review)
SELinux by Example. Ravi writes "SELinux is a project started and actively maintained by the U.S Department of Defense to provide a Mandatory Access Controls mechanism in Linux. It had been a long standing grouse of Linux power users and system administrators over its lack of fine grained access control over various running processes as well as files in Linux. While Solaris touts its famous RBAC and Microsoft Windows has its own way of providing finer rights to its resources, Linux had to put up with the simple but crude user rights known in tech speak as discretionary access control to control user access of files. With SELinux project making great strides and now being bundled with many major Linux distributions, it is possible to effectively lock down a Linux system through judicious use of SELinux policies. SELinux implements a more flexible form of MAC called type enforcement and an optional form of multilevel security." -- Read the rest of Ravi's review. Or go directly to my Amazon Associate site and buy the book - SELinux by Example [Slashdot]
3:49:06 PM    

Core Security | CoreLabs - OpenBSD's IPv6 mbufs remote kernel buffer overflow

Vulnerability Description


The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:

1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or;

2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic)

The issue can be triggered by sending a specially crafted IPv6 fragmented packet.

OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD's firewall does not filter inbound IPv6 packets in its default configuration.


3:42:23 PM    

Remote Exploit Discovered for OpenBSD.
Remote Exploit Discovered for OpenBSD. An anonymous reader writes "OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely exploitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible." [Slashdot]
3:39:14 PM    

Click here to visit the Radio UserLand website. © Copyright 2007 Paul Hardwick.
Last update: 3/18/07; 8:28:40 PM.

March 2007
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Feb   Apr