SELinux userspace 2.6 released

The SELinux userspace libraries and programs recently released version 2.6. I bumped them in Gentoo a couple days ago. They add a ton of new features, here are a few of the main points: more ...

SELinux desktop profile in Gentoo

SELinux desktop profiles came up on IRC earlier and I thought it might be a good idea to make a post about. Currently in gentoo there are only two selinux profiles: more ...

Trusted Boot Part 1

I finally managed to get tboot working in a way that makes sense to me. For those unfamiliar, tboot uses Intel's Trusted eXecution Technology to invoke a dynamic root of trust and then measure all the components you boot with (eg kernel and initrd). What took me ages to figure out was how one can upgrade kernels while keeping this chain working. more ...